accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Christopher Tubbs (JIRA)" <j...@apache.org>
Subject [jira] [Created] (ACCUMULO-2720) [FindBugs] HTTP response splitting vulnerabilities in the OperationServlet
Date Tue, 22 Apr 2014 19:42:15 GMT
Christopher Tubbs created ACCUMULO-2720:
-------------------------------------------

             Summary: [FindBugs] HTTP response splitting vulnerabilities in the OperationServlet
                 Key: ACCUMULO-2720
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2720
             Project: Accumulo
          Issue Type: Sub-task
          Components: monitor
            Reporter: Christopher Tubbs
            Assignee: Christopher Tubbs
             Fix For: 1.6.1, 1.7.0


FindBugs rank 5 bugs found [HTTP response splitting|https://en.wikipedia.org/wiki/HTTP_response_splitting]
vulnerabilities in OperationServlet. FindBugs explicitly notes that it does only minimal checking
for these bugs, so if it finds them, there are almost certainly more that it did not find.
This ticket will fix those it found. Any others will have to be found by another, more comprehensive
tool.

This takes us up through rank 6 findbugs validation in the build.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message