t.net" <
> e...@zusammenkunft.net>; Gabriel Lawrence <gabriel.lawre...@gmail.com>;
> Commons Developers List <dev@commons.apache.org>
> Sent: Monday, November 9, 2015 6:42 PM
> Subject: RE: Blog post "commons" vulnerability
>
> #yiv5799872531 #yiv5799872
xtending
>>> your patch similarly
>>> to these if it’s not too difficult.
>>>
>>> $ grep -ER -e "lang.reflect.(Method|Constructor)" src/main
>>> --include=*.java -l | grep -v InvokerTransformer | xargs -n1 grep -l
>>> Serializable
>>>
huda...@yahoo.com]
Sent: Monday, November 09, 2015 3:15 PM
To: Sally Khudairi; e...@zusammenkunft.net; Frohoff, Chris; Gabriel Lawrence;
Commons Developers List
Subject: Re: Blog post "commons" vulnerability Just to clarify re: PMC
affiliation, may I suggest it appear as: > Authors: Bernd Eck
- Reply message -
>> From: "Frohoff, Chris" <cfroh...@qualcomm.com>
>> To: "Sally Khudairi" <sallykhuda...@yahoo.com>, "e...@zusammenkunft.net" <
>> e...@zusammenkunft.net>, "Gabriel Lawrence" <gabriel.lawre...@gmail.com&
On Tue, Nov 10, 2015 at 10:51 AM, Mark Thomas
> You only need a CVE ID if there is a vulnerability.
>
> I would argue (and the OPs appear to agree with me) that this is NOT a
> vulnerability in Apache Commons Collections. The vulnerability lies in
> applications that are
On 10/11/2015 10:17, Jochen Wiedmann wrote:
> On Tue, Nov 10, 2015 at 10:51 AM, Mark Thomas
>
>> You only need a CVE ID if there is a vulnerability.
>>
>> I would argue (and the OPs appear to agree with me) that this is NOT a
>> vulnerability in Apache Commons Collections. The
My name is spelled Gary Gregory BTW ;-)
Gary
On Nov 9, 2015 2:45 AM, "Bernd Eckenfels" wrote:
> Hello Sally,
>
> currently there is a security vulnerability doing the rounds which uses
> as an example Apache Commons Collection. It is not really a bug in
> Commons
: "Frohoff, Chris" <cfroh...@qualcomm.com>
To: Gabriel Lawrence <gabriel.lawre...@gmail.com>; Commons Developers List
<dev@commons.apache.org>
Cc: Sally Khudairi <s...@haloworldwide.com>
Sent: Monday, November 9, 2015 12:31 PM
Subject: RE: Blog pos
;Gary Gregory" <garydgreg...@gmail.com>
To: "Commons Developers List" <dev@commons.apache.org>
Cc: <secur...@apache.org>, "Benedikt Ritter" <brit...@apache.org>, "Sally
Khudairi" <s...@apache.org>
Subject: Blog post "commons"
To: "Commons Developers List" <dev@commons.apache.org>
> > Cc: <secur...@apache.org>, "Benedikt Ritter" <brit...@apache.org>,
> "Sally Khudairi" <s...@apache.org>
> > Subject: Blog post "commons" vulnerability
> > Date: M
gt; To: "Commons Developers List" <dev@commons.apache.org>
> Cc: <secur...@apache.org>, "Benedikt Ritter" <brit...@apache.org>, "Sally
> Khudairi" <s...@apache.org>
> Subject: Blog post "commons" vulnerability
> Date: Mon, Nov 9
" <sallykhuda...@yahoo.com>, "e...@zusammenkunft.net" <
> e...@zusammenkunft.net>, "Gabriel Lawrence" <gabriel.lawre...@gmail.com>,
> "Commons Developers List" <dev@commons.apache.org>
> Subject: Blog post "commons" v
lt;cfroh...@qualcomm.com>, Gabriel Lawrence
<gabriel.lawre...@gmail.com>, Commons Developers List <dev@commons.apache.org>
Sent: Mo., 09 Nov. 2015 22:36
Subject: Re: Blog post "commons" vulnerability
Thanks, Chris. I'll include your edits.
Status-wise, I'm uploading
rg>
Sent: Mo., 09 Nov. 2015 22:36
Subject: Re: Blog post "commons" vulnerability
Thanks, Chris. I'll include your edits.
Status-wise, I'm uploading the copy to blogs.apache.org. I noticed that the
"screenshot" referenced at https://twitter.com/gebl/status/66278660142508032
Hello Sally,
currently there is a security vulnerability doing the rounds which uses
as an example Apache Commons Collection. It is not really a bug in
Commons Collection, but there is a lot of fuzz. So since we are doing
somethign in the Apache Commons team against the problem we wanted to
make
actory.java
Thanks,
-Chris
From: Sally Khudairi [mailto:sallykhuda...@yahoo.com]
Sent: Monday, November 09, 2015 3:15 PM
To: Sally Khudairi; e...@zusammenkunft.net; Frohoff, Chris; Gabriel Lawrence;
Commons Developers List
Subject: Re: Blog post "commons" vulnerability
Just
lawre...@gmail.com>, "Commons Developers List"
<dev@commons.apache.org>, "Sally Khudairi" <sallykhuda...@yahoo.com>
Subject: Blog post "commons" vulnerability
Date: Mon, Nov 9, 2015 17:24
Hello Sally,
Yes it is just a screenshot of a tweet, I could
..@qualcomm.com>; Gabriel
Lawrence <gabriel.lawre...@gmail.com>; Commons Developers List
<dev@commons.apache.org>
Sent: Monday, November 9, 2015 5:29 PM
Subject: Re: Blog post "commons" vulnerability
Thanks so much, Bernd.
Personally, I prefer mentioning PMC affiliation,
18 matches
Mail list logo