You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by "Shi Yusen (JIRA)" <ji...@apache.org> on 2008/07/29 10:14:31 UTC
[jira] Created: (OFBIZ-1900) Fortify Open Source Security Report
mentioned OFBiz
Fortify Open Source Security Report mentioned OFBiz
---------------------------------------------------
Key: OFBIZ-1900
URL: https://issues.apache.org/jira/browse/OFBIZ-1900
Project: OFBiz
Issue Type: Bug
Affects Versions: Release Branch 4.0
Reporter: Shi Yusen
Fix For: Release Branch 4.0
Though the evalution is positive, I think it would be better if somebody can contact them to make sure what security weeknesses exist in OFBiz.
http://www.fortify.com/news-events/releases/2008/2008-07-21.jsp
You can get the brief report after registrition:
http://www.fortify.com/l/oss/oss_report.html
Thanks,
Shi Yusen/Beijing Langhua Ltd.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (OFBIZ-1900) Fortify Open Source Security Report
mentioned OFBiz
Posted by "Jacques Le Roux (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jacques Le Roux closed OFBIZ-1900.
----------------------------------
Resolution: Fixed
Fix Version/s: (was: Release Branch 4.0)
SVN trunk
Assignee: David E. Jones
I asked for an account did not receive anything. Anyway we look good in the page Scott posted.
> Fortify Open Source Security Report mentioned OFBiz
> ---------------------------------------------------
>
> Key: OFBIZ-1900
> URL: https://issues.apache.org/jira/browse/OFBIZ-1900
> Project: OFBiz
> Issue Type: Bug
> Affects Versions: Release Branch 4.0
> Reporter: Shi Yusen
> Assignee: David E. Jones
> Fix For: SVN trunk
>
> Attachments: OpenSource_Security_WP_v5.pdf
>
>
> Though the evalution is positive, I think it would be better if somebody can contact them to make sure what security weeknesses exist in OFBiz.
> http://www.fortify.com/news-events/releases/2008/2008-07-21.jsp
> You can get the brief report after registrition:
> http://www.fortify.com/l/oss/oss_report.html
> Thanks,
> Shi Yusen/Beijing Langhua Ltd.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Commented: (OFBIZ-1900) Fortify Open Source Security Report mentioned OFBiz
Posted by Scott Gray <le...@gmail.com>.
I did chuckle to myself when it wouldn't load.
2008/7/29 Jacopo Cappellato <ja...@gmail.com>:
> Speaking about security... maybe their website was brought down by an hacker
> :-)
>
>
> On Jul 29, 2008, at 10:28 AM, Scott Gray (JIRA) wrote:
>
>>
>> [
>> https://issues.apache.org/jira/browse/OFBIZ-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12617739#action_12617739
>> ]
>>
>> Scott Gray commented on OFBIZ-1900:
>> -----------------------------------
>>
>> Hi Shi
>>
>> I did go to their Java Open Review website
>> (http://opensource.fortify.com/) with the intention of registering but the
>> register link was pointing to a login screen so I gave up. Right now I
>> can't even get their website to load. I'll probably send them an email at
>> some point to see if I can get access to the details.
>>
>>> Fortify Open Source Security Report mentioned OFBiz
>>> ---------------------------------------------------
>>>
>>> Key: OFBIZ-1900
>>> URL: https://issues.apache.org/jira/browse/OFBIZ-1900
>>> Project: OFBiz
>>> Issue Type: Bug
>>> Affects Versions: Release Branch 4.0
>>> Reporter: Shi Yusen
>>> Fix For: Release Branch 4.0
>>>
>>>
>>> Though the evalution is positive, I think it would be better if somebody
>>> can contact them to make sure what security weeknesses exist in OFBiz.
>>> http://www.fortify.com/news-events/releases/2008/2008-07-21.jsp
>>> You can get the brief report after registrition:
>>> http://www.fortify.com/l/oss/oss_report.html
>>> Thanks,
>>> Shi Yusen/Beijing Langhua Ltd.
>>
>> --
>> This message is automatically generated by JIRA.
>> -
>> You can reply to this email to add a comment to the issue online.
>>
>
>
Re: [jira] Commented: (OFBIZ-1900) Fortify Open Source Security Report mentioned OFBiz
Posted by Jacopo Cappellato <ja...@gmail.com>.
Speaking about security... maybe their website was brought down by an
hacker :-)
On Jul 29, 2008, at 10:28 AM, Scott Gray (JIRA) wrote:
>
> [ https://issues.apache.org/jira/browse/OFBIZ-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12617739
> #action_12617739 ]
>
> Scott Gray commented on OFBIZ-1900:
> -----------------------------------
>
> Hi Shi
>
> I did go to their Java Open Review website (http://opensource.fortify.com/
> ) with the intention of registering but the register link was
> pointing to a login screen so I gave up. Right now I can't even get
> their website to load. I'll probably send them an email at some
> point to see if I can get access to the details.
>
>> Fortify Open Source Security Report mentioned OFBiz
>> ---------------------------------------------------
>>
>> Key: OFBIZ-1900
>> URL: https://issues.apache.org/jira/browse/OFBIZ-1900
>> Project: OFBiz
>> Issue Type: Bug
>> Affects Versions: Release Branch 4.0
>> Reporter: Shi Yusen
>> Fix For: Release Branch 4.0
>>
>>
>> Though the evalution is positive, I think it would be better if
>> somebody can contact them to make sure what security weeknesses
>> exist in OFBiz.
>> http://www.fortify.com/news-events/releases/2008/2008-07-21.jsp
>> You can get the brief report after registrition:
>> http://www.fortify.com/l/oss/oss_report.html
>> Thanks,
>> Shi Yusen/Beijing Langhua Ltd.
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
[jira] Commented: (OFBIZ-1900) Fortify Open Source Security Report
mentioned OFBiz
Posted by "Scott Gray (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12617739#action_12617739 ]
Scott Gray commented on OFBIZ-1900:
-----------------------------------
Hi Shi
I did go to their Java Open Review website (http://opensource.fortify.com/) with the intention of registering but the register link was pointing to a login screen so I gave up. Right now I can't even get their website to load. I'll probably send them an email at some point to see if I can get access to the details.
> Fortify Open Source Security Report mentioned OFBiz
> ---------------------------------------------------
>
> Key: OFBIZ-1900
> URL: https://issues.apache.org/jira/browse/OFBIZ-1900
> Project: OFBiz
> Issue Type: Bug
> Affects Versions: Release Branch 4.0
> Reporter: Shi Yusen
> Fix For: Release Branch 4.0
>
>
> Though the evalution is positive, I think it would be better if somebody can contact them to make sure what security weeknesses exist in OFBiz.
> http://www.fortify.com/news-events/releases/2008/2008-07-21.jsp
> You can get the brief report after registrition:
> http://www.fortify.com/l/oss/oss_report.html
> Thanks,
> Shi Yusen/Beijing Langhua Ltd.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (OFBIZ-1900) Fortify Open Source Security Report
mentioned OFBiz
Posted by "Shi Yusen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-1900?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shi Yusen updated OFBIZ-1900:
-----------------------------
Attachment: OpenSource_Security_WP_v5.pdf
Please see the attachment. I'm not sure whether this is legal. Anyway, please read it first.:)
> Fortify Open Source Security Report mentioned OFBiz
> ---------------------------------------------------
>
> Key: OFBIZ-1900
> URL: https://issues.apache.org/jira/browse/OFBIZ-1900
> Project: OFBiz
> Issue Type: Bug
> Affects Versions: Release Branch 4.0
> Reporter: Shi Yusen
> Fix For: Release Branch 4.0
>
> Attachments: OpenSource_Security_WP_v5.pdf
>
>
> Though the evalution is positive, I think it would be better if somebody can contact them to make sure what security weeknesses exist in OFBiz.
> http://www.fortify.com/news-events/releases/2008/2008-07-21.jsp
> You can get the brief report after registrition:
> http://www.fortify.com/l/oss/oss_report.html
> Thanks,
> Shi Yusen/Beijing Langhua Ltd.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.