community-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: Are Apache projects affected by the informations leaked by the NSA hack ?
Date Fri, 26 Aug 2016 09:43:57 GMT
On 26/08/2016 10:13, Marco Esser wrote:
> Hello All,
> i hope I´m posting my question to the right mailing list. I searched a long time for
as better place but din´t find one.
> Does somebody analyze the available information from the NSA Hack regarding influence
on software developed in the apache projects ?

I assume you mean the leaks by Edward Snowden. I don't recall seeing
anything in the news regarding the NSA being hacked.

I'm involved in the Apache security team and the Apache Tomcat project.
I'm not aware of any analysis of the Snowden leak w.r.t. vulnerabilities
in / back-doors in / influence on Apache software.

> My special interest is to get knowledge about NSA hack tools or the try to implement
backdoors, etc in the following software used by my customers:
> Apache HTTP
> Tomcat applicationserver
> popular modules for both servers

I've only investigated the Tomcat vulnerabilities in any depth. None of
the issues I have seen in my long involvement in the Apache Tomcat
project has been suggestive of a deliberate back door being placed in
the code.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message