I'm currently using an older version of GeoServer (2.2). We ran security
scanning software and it came up with a vulnerability against Jetty. The
vulnerability # is CVE-2009-1523, which is "Jetty is prone to a cross-site
scripting vulnerability and an information-disclosure vulnerability." I was
inquiring if this has been fixed in a later version of GeoServer. Our
implementation of GeoServer is stable so I'd only like to upgrade at this time
if it fixes this vulnerability. Any insight is appreciated. Thanks.
==================================================
Tom Plummer, CISSP
Manager, Architecture and Security
Office: 856-722-4984
Cell: 856-397-5735
------------------------------------------------------------------------------
Flow-based real-time traffic analytics software. Cisco certified tool.
Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer
Customize your own dashboards, set traffic alerts and generate reports.
Network behavioral analysis & security monitoring. All-in-one tool.
http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
