You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by Brian Martin <br...@opensecurityfoundation.org> on 2013/03/24 22:10:33 UTC
[Codec] Question about security implication of CODEC-113 issue in
tracker
Apache Commons project;
Gary, the ticket reporter, indicated I should email the list to ask my
question.
I am not familiar with Java or the Commons project in detail, but was
hoping someone could briefly explain this ticket in the context of
security:
https://issues.apache.org/jira/browse/CODEC-113
I am trying to determine if this warrants an entry in our vulnerability
database, but need to better understand the impact first.
Thanks for any help you can provide,
Brian Martin
OSF / OSVDB.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org
Re: [Codec] Question about security implication of CODEC-113 issue in tracker
Posted by sebb <se...@gmail.com>.
On 25 March 2013 03:16, Gary Gregory <ga...@gmail.com> wrote:
> I thik it's up to you to decide what
> http://findbugs.sourceforge.net/bugDescriptions.html#MS_PKGPROTECT means
> for your customers.
Also (as per the ticket) the issue was fixed in 1.5. The current release is 1.7.
> Gary
>
>
> On Sun, Mar 24, 2013 at 5:10 PM, Brian Martin <
> brian@opensecurityfoundation.org> wrote:
>
>>
>> Apache Commons project;
>>
>> Gary, the ticket reporter, indicated I should email the list to ask my
>> question.
>>
>> I am not familiar with Java or the Commons project in detail, but was
>> hoping someone could briefly explain this ticket in the context of security:
>>
>> https://issues.apache.org/**jira/browse/CODEC-113<https://issues.apache.org/jira/browse/CODEC-113>
>>
>> I am trying to determine if this warrants an entry in our vulnerability
>> database, but need to better understand the impact first.
>>
>> Thanks for any help you can provide,
>>
>> Brian Martin
>> OSF / OSVDB.org
>>
>>
>>
>>
>> ------------------------------**------------------------------**---------
>> To unsubscribe, e-mail: dev-unsubscribe@commons.**apache.org<de...@commons.apache.org>
>> For additional commands, e-mail: dev-help@commons.apache.org
>>
>>
>
>
> --
> E-Mail: garydgregory@gmail.com | ggregory@apache.org
> JUnit in Action, 2nd Ed: <http://goog_1249600977>http://bit.ly/ECvg0
> Spring Batch in Action: <http://s.apache.org/HOq>http://bit.ly/bqpbCK
> Blog: http://garygregory.wordpress.com
> Home: http://garygregory.com/
> Tweet! http://twitter.com/GaryGregory
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org
Re: [Codec] Question about security implication of CODEC-113 issue in tracker
Posted by Gary Gregory <ga...@gmail.com>.
I thik it's up to you to decide what
http://findbugs.sourceforge.net/bugDescriptions.html#MS_PKGPROTECT means
for your customers.
Gary
On Sun, Mar 24, 2013 at 5:10 PM, Brian Martin <
brian@opensecurityfoundation.org> wrote:
>
> Apache Commons project;
>
> Gary, the ticket reporter, indicated I should email the list to ask my
> question.
>
> I am not familiar with Java or the Commons project in detail, but was
> hoping someone could briefly explain this ticket in the context of security:
>
> https://issues.apache.org/**jira/browse/CODEC-113<https://issues.apache.org/jira/browse/CODEC-113>
>
> I am trying to determine if this warrants an entry in our vulnerability
> database, but need to better understand the impact first.
>
> Thanks for any help you can provide,
>
> Brian Martin
> OSF / OSVDB.org
>
>
>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: dev-unsubscribe@commons.**apache.org<de...@commons.apache.org>
> For additional commands, e-mail: dev-help@commons.apache.org
>
>
--
E-Mail: garydgregory@gmail.com | ggregory@apache.org
JUnit in Action, 2nd Ed: <http://goog_1249600977>http://bit.ly/ECvg0
Spring Batch in Action: <http://s.apache.org/HOq>http://bit.ly/bqpbCK
Blog: http://garygregory.wordpress.com
Home: http://garygregory.com/
Tweet! http://twitter.com/GaryGregory