Secure Coding mailing list archives
OWASP ESAPI for Java v2.0 rc10
From: "Jim Manico" <jim.manico () owasp org>
Date: Mon, 18 Oct 2010 21:26:08 +0530
The OWASP ESAPI (Enterprise Security API) Library version 2.0 rc10 for Java 1.5+ and above is now live! You may download the complete zip file here: http://owasp-esapi-java.googlecode.com/files/esapi-2.0_rc10.zip You may browse the ESAPI 2.0 rc10 Javadocs here: http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/index.html Major enhancements include: 1) First official release to maven central 2) Provided ability to disable automatic canonicalization for validation + disabled canonicalization for AntiSamy validation 3) Fixed deadlock issues in the DefaultExecutor 4) Multiple enhancements to the Encryptor implementation and documentation 5) Multiple fixes to ensure Java 1.5 compatibility 6) Added an implementation of EncryptedProperties that extends java.util.Properties 7) Added new command-line utility to create, read and write EncryptedProperties files. A special thanks to Chris Schmidt for automating our build processes and registering the ESAPI project with Maven central. Way to go, Chris! Additional thanks go to Kevin Wall, August Detlefsen, Ed Schaller, Patrick Higgins and John Melton for their contributions in this release. ESAPI 2.0 rc10 is a giant milestone for our project. We are very close to promoting ESAPI to general availability. The NSA has completed their review of the ESAPI encryptor reference implementation and will be publishing those results soon. This report, if positive, will give us the assurance we need to promote ESAPI 2.0 to GA. Malama Pono Aloha, -- Jim Manico OWASP Podcast Host/Producer OWASP ESAPI Project Manager http://www.manico.net
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- OWASP ESAPI for Java v2.0 rc10 Jim Manico (Oct 18)