geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: Merge GERONIMO-2313 into 1.1.1??
Date Fri, 18 Aug 2006 13:14:06 GMT
Will there be a summary of the IRC discussion posted onlist?

On Aug 16, 2006, at 12:31 PM, Matt Hogstrom wrote:

> After agonizing over this on IRC let's put in 2313.  Close the door  
> and start testing.
>
> David Jencks wrote:
>> GERONIMO-2313 is a fairly serious security problem: basically ejb  
>> security is totally broken when the ejb is called from a web app.
>> I think this could be merged easily from the 1.1 branch into  
>> 1.1.1, however it requires openejb changes as well.
>> Alan suggested that since 1.1.1 is already delayed for security  
>> problems we might want to  include this fix as well.
>> I think this is a good idea but wait for Matt the release  
>> manager's approval.
>> thanks
>> david jencks
>


Mime
View raw message