Secure Coding mailing list archives
Re: Security in open source components
From: Grant Murphy <gmurphy () redhat com>
Date: Sun, 28 Oct 2012 13:50:25 +1000
Hi Christian, Thanks for the additional info I'll definitely be in touch with the author of this project. We are currently having a bit of a rethink about our approach so input from somebody that has tackled things from a different angle will be really useful. Cheers, Grant. On 10/28/2012 11:51 AM, Christian Heinrich wrote:
... and I found https://github.com/jeremylong/DependencyCheck#readme today (i.e. Sunday 28 October 2012) via GitHub. On Fri, Oct 26, 2012 at 10:34 AM, Christian Heinrich < christian.heinrich () cmlh id au> wrote:Grant, ... and http://www.scmagazine.com.au/News/320617,redhat-project-fights-java-vulnerabilities.aspx was published yesterday (25 Oct). On Mon, Oct 1, 2012 at 3:19 PM, Christian Heinrich <christian.heinrich () cmlh id au> wrote:Grant, Below are the discussions related to Maven and the paper referenced: 1. http://krvw.com/pipermail/sc-l/2012/002786.html 2. http://krvw.com/pipermail/sc-l/2012/002788.html On Fri, Sep 28, 2012 at 9:10 AM, Grant Murphy <gmurphy () redhat com>wrote:I don't have the original mail but some time ago a thread on this list mentioned this article:http://www.sonatype.com/Products/Why-Sonatype/Reduce-Security-Risk/Security-Brief -- Regards, Christian Heinrich http://cmlh.id.au/contact
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- Re: Security in open source components Christian Heinrich (Oct 02)
- Re: Security in open source components Christian Heinrich (Oct 26)
- Re: Security in open source components Christian Heinrich (Oct 28)
- Re: Security in open source components Grant Murphy (Oct 28)
- Re: Security in open source components Christian Heinrich (Oct 28)
- Re: Security in open source components Christian Heinrich (Oct 26)