Secure Coding mailing list archives

Re: Security in open source components

From: Grant Murphy <gmurphy () redhat com>
Date: Sun, 28 Oct 2012 13:50:25 +1000

Hi Christian,

Thanks for the additional info I'll definitely be in touch with the
author of this project. We are currently having a bit of a rethink about
our approach so input from somebody that has tackled things from a
different angle will be really useful.

Cheers,

Grant.


On 10/28/2012 11:51 AM, Christian Heinrich wrote:

... and I found https://github.com/jeremylong/DependencyCheck#readme today
(i.e. Sunday 28 October 2012) via GitHub.

On Fri, Oct 26, 2012 at 10:34 AM, Christian Heinrich <
christian.heinrich () cmlh id au> wrote:

Grant,

... and
http://www.scmagazine.com.au/News/320617,redhat-project-fights-java-vulnerabilities.aspx
was published yesterday (25 Oct).

On Mon, Oct 1, 2012 at 3:19 PM, Christian Heinrich
<christian.heinrich () cmlh id au> wrote:

Grant,

Below are the discussions related to Maven and the paper referenced:
1. http://krvw.com/pipermail/sc-l/2012/002786.html
2. http://krvw.com/pipermail/sc-l/2012/002788.html

On Fri, Sep 28, 2012 at 9:10 AM, Grant Murphy <gmurphy () redhat com>

wrote:

I don't have the original mail but some time ago a thread on this list
mentioned this article:

http://www.sonatype.com/Products/Why-Sonatype/Reduce-Security-Risk/Security-Brief


--
Regards,
Christian Heinrich

http://cmlh.id.au/contact

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________

Current thread:

Re: Security in open source components Christian Heinrich (Oct 02)
- Re: Security in open source components Christian Heinrich (Oct 26)
  - Re: Security in open source components Christian Heinrich (Oct 28)
    - Re: Security in open source components Grant Murphy (Oct 28)