Re: [Geoserver-devel] Reporting back on CVE-2023-35042 "update" via GitHub database

Indeed, I am not sure about working with MITRE after our initial poor experience. Maybe if we can push up a link to the project issue or something which we control? Still the goal of GSIP-220 proposal is to use the GitHub security advisory database to request new CVE numbers. I think it is a

Re: [Geoserver-devel] Reporting back on CVE-2023-35042 "update" via GitHub database

Op 20-09-2023 om 03:39 schreef Jody Garnett: Follow up to this week's meeting. As research for GSIP-220 I have made second attempt to update CVE-2023-35042 via a pull request to GitHub advisory database. As part of the pull-request

Re: [Geoserver-devel] Add Java 17 JDK to build.geoserver.org?

Hi Torben and Jody, thanks for the insights, and sorry for the slow turnaround, it caught me on vacation. Unfortunately I can't add it myself. I get a "groldan is missing the Overall/Administer permission" error. So please add it at your earliest convenience. TIA, *camptocamp* INNOVATIVE

Re: [Geoserver-devel] Proposal [GSIP 220] - Revised Security Policy and CVE handling

That's a lot easier to follow, thanks. Cheers, Torben On Wed, Sep 20, 2023 at 3:45 AM Jody Garnett wrote: > Thanks, the GSIP has been revised with "volunteer", "researcher", > "National CVE Numbering Authority" and the exchanges separated for clarity. > -- > Jody Garnett > > > On Sep 15, 2023

Re: [Geoserver-devel] Add Java 17 JDK to build.geoserver.org?

Alright, I've added it. It should show up in the JDK list as "OpenJDK 17.0.2 (build 18+36)" Let me know if you run into any errors when running a build on the new JDK - I haven't tested it yet. Cheers, Torben On Wed, Sep 20, 2023 at 8:40 AM Gabriel Roldan < gabriel.rol...@camptocamp.com> wrote: