[onap-tsc] Known vulnerability analysis for AAI

Stephen Terrill Mon, 02 Apr 2018 01:02:35 -0700

Hi Jimmy,

Thank-you for the impressive known vulnerability analysis of AAI.  You have 
informed me that a lot of the vulnerabilities are associated with components 
that you are upgrading/replacing.  Can you please inform me when that is done.


I note that aai/gizmo (org.apache.httpcomponents) (row 38) is still under 
investigation, it would be good to know when that is complete.  The same for 
rows 48, 212.

The ones that you have marked as false positive seem OK to me.

Best Regards,

Steve


[Ericsson]<http://www.ericsson.com/>

STEPHEN TERRILL
Technology Specialist
POA Architecture and Solutions
Business Unit Digital Services

Ericsson
Ericsson R&D Center, via de los Poblados 13
28033, Madrid, Spain
Phone +34 339 3005
Mobile +34 609 168 515
[email protected]
www.ericsson.com


[http://www.ericsson.com/current_campaign]<http://www.ericsson.com/current_campaign>

Legal entity: Ericsson España S.A, compay registration number ESA288568603. 
This Communication is Confidential. We only send and receive email on the basis 
of the terms set out at 
www.ericsson.com/email_disclaimer<http://www.ericsson.com/email_disclaimer>

_______________________________________________
ONAP-TSC mailing list
[email protected]
https://lists.onap.org/mailman/listinfo/onap-tsc

[onap-tsc] Known vulnerability analysis for AAI

Reply via email to