[jira] [Resolved] (ACCUMULO-2720) [FindBugs] HTTP response splitting vulnerabilities in the OperationServlet

Christopher Tubbs (JIRA) Wed, 23 Apr 2014 14:12:33 -0700

     [ 
https://issues.apache.org/jira/browse/ACCUMULO-2720?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Christopher Tubbs resolved ACCUMULO-2720.
-----------------------------------------

       Resolution: Fixed
    Fix Version/s:     (was: 1.6.1)
                       (was: 1.7.0)
                   1.6.0

> [FindBugs] HTTP response splitting vulnerabilities in the OperationServlet
> --------------------------------------------------------------------------
>
>                 Key: ACCUMULO-2720
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2720
>             Project: Accumulo
>          Issue Type: Sub-task
>          Components: monitor
>            Reporter: Christopher Tubbs
>            Assignee: Christopher Tubbs
>              Labels: findbugs
>             Fix For: 1.6.0
>
>
> FindBugs rank 5 bugs found [HTTP response 
> splitting|https://en.wikipedia.org/wiki/HTTP_response_splitting] 
> vulnerabilities in OperationServlet. FindBugs explicitly notes that it does 
> only minimal checking for these bugs, so if it finds them, there are almost 
> certainly more that it did not find. This ticket will fix those it found. Any 
> others will have to be found by another, more comprehensive tool.
> This takes us up through rank 6 findbugs validation in the build.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Resolved] (ACCUMULO-2720) [FindBugs] HTTP response splitting vulnerabilities in the OperationServlet

Reply via email to