Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0

2019-10-21 Thread Vishwas Babu A J
> Apparently your announcement was not accepted to the annou...@apache.org
> list

It was, see 
http://mail-archives.us.apache.org/mod_mbox/www-announce/201910.mbox/%3CCACqpLwJGBRp9cpyhVwxvc0SSrTbUoDxAr%2BYnywXjj%3DBRFhiyPw%40mail.gmail.com%3E

On 2019/10/16 08:19:54, Myrle Krantz  wrote: 
> Hey Vishwas,
> 
> Apparently your announcement was not accepted to the annou...@apache.org
> list.  If you've received an explanation for why, I'd be curious to know
> what it is.  I assume you are working on formulating a mail that is
> accepted?
> 
> If you need help with anything, let me know.
> 
> Also if you want examples of successful announcements, you can use:
> https://lists.apache.org/list.html?annou...@apache.org  Go to advanced
> search and look for mails with CVE in the subject line.
> 
> Best Regards,
> Myrle
> 
> 
> On Wed, Oct 16, 2019 at 8:26 AM Vishwas Babu (Apache) <
> vishwasb...@apache.org> wrote:
> 
> > Hello,
> >
> > The Apache Fineract project would like to hereby disclose that our 1.3.0
> > release includes a fix for CVE-2016-4977: A known vulnerability in spring
> > security upstream dependencies allowed malicious users to trigger remote
> > code execution. See https://nvd.nist.gov/vuln/detail/CVE-2016-4977 for
> > details of the upstream CVE.
> >
> > We would like to thank Roberto (extranewb...@gmail.com) for reporting
> > this issue and the Apache Security team for their assistance.
> >
> > Additional details at
> > https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report.
> >
> > Regards,
> > Vishwas
> >
> >
> 


Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0

2019-10-16 Thread Myrle Krantz
Hey Vishwas,

Apparently your announcement was not accepted to the annou...@apache.org
list.  If you've received an explanation for why, I'd be curious to know
what it is.  I assume you are working on formulating a mail that is
accepted?

If you need help with anything, let me know.

Also if you want examples of successful announcements, you can use:
https://lists.apache.org/list.html?annou...@apache.org  Go to advanced
search and look for mails with CVE in the subject line.

Best Regards,
Myrle


On Wed, Oct 16, 2019 at 8:26 AM Vishwas Babu (Apache) <
vishwasb...@apache.org> wrote:

> Hello,
>
> The Apache Fineract project would like to hereby disclose that our 1.3.0
> release includes a fix for CVE-2016-4977: A known vulnerability in spring
> security upstream dependencies allowed malicious users to trigger remote
> code execution. See https://nvd.nist.gov/vuln/detail/CVE-2016-4977 for
> details of the upstream CVE.
>
> We would like to thank Roberto (extranewb...@gmail.com) for reporting
> this issue and the Apache Security team for their assistance.
>
> Additional details at
> https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report.
>
> Regards,
> Vishwas
>
>