roller-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Raible <mrai...@gmail.com>
Subject Re: Security bug report
Date Wed, 26 Mar 2008 02:47:09 GMT
I saw one with:

C:/dev/projects/apache/Roller/apps/weblogger/src/java/org/apache/ 
roller/weblogger/webservices/adminprotocol/BasicAuthenticator.java

On Mar 25, 2008, at 7:44 PM, Craig L Russell wrote:
> On Mar 25, 2008, at 7:36 PM, Nick Lothian wrote:
>
>> I sent the report though last week - just checking if it has been  
>> received?
>>
> Nope. Nothing from your email address in the last week received by  
> me at private at roller.
>
> Craig
>
>> Nick
>>
>> -----Original Message-----
>> From: Craig.Russell@Sun.COM [mailto:Craig.Russell@Sun.COM]
>> Sent: Thursday, 20 March 2008 4:13 AM
>> To: dev@roller.apache.org
>> Subject: Re: Security bug report
>>
>> Hi Nick,
>>
>> Send the details to the Roller PMC at private@roller.apache.org. You
>> won't see your message but an evaluation will be made and you'll get
>> the results.
>>
>> Thanks,
>>
>> Craig
>>
>> On Mar 18, 2008, at 9:52 PM, Nick Lothian wrote:
>>
>>> I've got a bug report and a patch for security issue. I'm reluctant
>>> to disclose the problem on this list (at least until a roller expert
>>> can evaluate the impact).
>>>
>>> What's the best way to handle this?
>>>
>>> Regards
>>> Nick Lothian
>>>
>>> IMPORTANT: This e-mail, including any attachments, may contain
>>> private or confidential information. If you think you may not be the
>>> intended recipient, or if you have received this e-mail in error,
>>> please contact the sender immediately and delete all copies of this
>>> e-mail. If you are not the intended recipient, you must not
>>> reproduce any part of this e-mail or disclose its contents to any
>>> other party. This email represents the views of the individual
>>> sender, which do not necessarily reflect those of education.au
>>> limited except where the sender expressly states otherwise. It is
>>> your responsibility to scan this email and any files transmitted
>>> with it for viruses or any other defects. education.au limited will
>>> not be liable for any loss, damage or consequence caused directly or
>>> indirectly by this email.
>>
>> Craig Russell
>> Architect, Sun Java Enterprise System http://java.sun.com/products/ 
>> jdo
>> 408 276-5638 mailto:Craig.Russell@sun.com
>> P.S. A good JDO? O, Gasp!
>>
>>
>> IMPORTANT: This e-mail, including any attachments, may contain  
>> private or confidential information. If you think you may not be  
>> the intended recipient, or if you have received this e-mail in  
>> error, please contact the sender immediately and delete all copies  
>> of this e-mail. If you are not the intended recipient, you must  
>> not reproduce any part of this e-mail or disclose its contents to  
>> any other party. This email represents the views of the individual  
>> sender, which do not necessarily reflect those of education.au  
>> limited except where the sender expressly states otherwise. It is  
>> your responsibility to scan this email and any files transmitted  
>> with it for viruses or any other defects. education.au limited  
>> will not be liable for any loss, damage or consequence caused  
>> directly or indirectly by this email.
>
> Craig Russell
> Architect, Sun Java Enterprise System http://java.sun.com/products/jdo
> 408 276-5638 mailto:Craig.Russell@sun.com
> P.S. A good JDO? O, Gasp!
>


Mime
View raw message