Hi, before this conversation goes any further, we have a system to deal with
bug reports, and we take them very seriously. Please submit a detailed bug
report, including steps to reproduce the error, to
https://jira.duraspace.org/browse/DS
Thanks!
PS, I would be very surprised if any JDBC-based webapp ever contained an SQL
injection error, as there is very good protection from that in those libraries.
Sent from my NOOK
Koh Kim Boon <[email protected]> wrote:
Hi
As we are a government related agency, our IT agency does a regular security
scan to check for weakness or vulnerabilities.
Koh Kim Boon
Department of Information and Digital Technology (Library Solutions)
500 Dover Road, Singapore 139651
DID: 67721129
Tel: 67721160
Fax: 61121969
Email: [email protected]<mailto:[email protected]>
From: Hilton Gibson [mailto:[email protected]]
Sent: Friday, 30 May 2014 4:10 PM
To: Koh Kim Boon
Cc: [email protected]
Subject: Re: [Dspace-tech] Security vulnerability - Blind SQL injection
On 30 May 2014 03:32, Koh Kim Boon
<[email protected]<mailto:[email protected]>> wrote:
Recent my dspace server had a security scan and one of the vulnerabilities
listed in blind sql injection.
Hi Koh
Can you tell us exactly the nature of the "security scan"
Thanks.
Hilton Gibson
Ubuntu Linux Systems Administrator
JS Gericke Library
Room 1025D
Stellenbosch University
Private Bag X5036
Stellenbosch
7599
South Africa
Tel: +27 21 808 4100 | Cell: +27 84 646 4758
http://scholar.sun.ac.za
http://bit.ly/goodir
http://library.sun.ac.za
http://za.linkedin.com/in/hiltongibson
------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
