Hi Christian, Thanks for the additional info I'll definitely be in touch with the author of this project. We are currently having a bit of a rethink about our approach so input from somebody that has tackled things from a different angle will be really useful.
Cheers, Grant. On 10/28/2012 11:51 AM, Christian Heinrich wrote: > ... and I found https://github.com/jeremylong/DependencyCheck#readme today > (i.e. Sunday 28 October 2012) via GitHub. > > On Fri, Oct 26, 2012 at 10:34 AM, Christian Heinrich < > christian.heinr...@cmlh.id.au> wrote: > >> Grant, >> >> ... and >> http://www.scmagazine.com.au/News/320617,redhat-project-fights-java-vulnerabilities.aspx >> was published yesterday (25 Oct). >> >> On Mon, Oct 1, 2012 at 3:19 PM, Christian Heinrich >> <christian.heinr...@cmlh.id.au> wrote: >>> Grant, >>> >>> Below are the discussions related to Maven and the paper referenced: >>> 1. http://krvw.com/pipermail/sc-l/2012/002786.html >>> 2. http://krvw.com/pipermail/sc-l/2012/002788.html >>> >>> On Fri, Sep 28, 2012 at 9:10 AM, Grant Murphy <gmur...@redhat.com> >> wrote: >>>> I don't have the original mail but some time ago a thread on this list >>>> mentioned this article: >>>> >>>> >> http://www.sonatype.com/Products/Why-Sonatype/Reduce-Security-Risk/Security-Brief >> >> >> -- >> Regards, >> Christian Heinrich >> >> http://cmlh.id.au/contact >> > > >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________