Google already mentioned in another thread <https://groups.google.com/forum/#!topic/google-appengine/-2FdrrnXo5A> that they've been working on it internally prior to Dec. 9.
On Friday, December 12, 2014 1:11:32 PM UTC-6, husayt wrote: > > Actually, i see it as positive news. Someone tested GAE boxes, found some > issues and reported it to Google. I am sure team at Google will deal with > this as a matter of urgency. > > I would advise Google to actually to contract that team to do full > vulnerability test. > > > > On Friday, December 12, 2014 9:44:49 AM UTC, Drew Spencer wrote: >> >> I'm not usually the kind of person to shout "Fire!" too quickly, but I >> have to admit this is worrying me. I wonder how serious these flaws are? >> Getting out of the sandbox seems pretty big, but then I don't know much >> about JVMs. >> >> >> http://www.computerworld.com.au/article/562168/over-30-vulnerabilities-found-google-app-engine/ >> > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/d/optout.
