Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

OWASP ESAPI for Java v2.0 rc10

From: "Jim Manico" <jim.manico () owasp org>
Date: Mon, 18 Oct 2010 21:26:08 +0530
The OWASP ESAPI (Enterprise Security API) Library version 2.0 rc10 for Java
1.5+ and above is now live!
 
You may download the complete zip file here:
 
http://owasp-esapi-java.googlecode.com/files/esapi-2.0_rc10.zip 
 
You may browse the ESAPI 2.0 rc10 Javadocs here:
 
http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/index.html 
 
Major enhancements include:
 
1)      First official release to maven central
2)      Provided ability to disable automatic canonicalization for
validation + disabled canonicalization for AntiSamy validation
3)      Fixed deadlock issues in the DefaultExecutor
4)      Multiple enhancements to the Encryptor implementation and
documentation
5)      Multiple fixes to ensure Java 1.5 compatibility
6)      Added an implementation of EncryptedProperties that extends
java.util.Properties
7)      Added new command-line utility to create, read and write
EncryptedProperties files.
 
A special thanks to Chris Schmidt for automating our build processes and
registering the ESAPI project with Maven central. Way to go, Chris! 
 
Additional thanks go to Kevin Wall, August Detlefsen, Ed Schaller, Patrick
Higgins and John Melton for their contributions in this release.
 
ESAPI 2.0 rc10 is a giant milestone for our project.  We are very close to
promoting ESAPI to general availability. The NSA has completed their review
of the ESAPI encryptor reference implementation and will be publishing those
results soon. This report, if positive, will give us the assurance we need
to promote ESAPI 2.0 to GA.
 
Malama Pono Aloha,
 
-- 
Jim Manico
OWASP Podcast Host/Producer
OWASP ESAPI Project Manager
http://www.manico.net

 

 

 


_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________
Previous By Date Next
Previous By Thread Next

Current thread: