Re: COTS : [urgent] : Information required on security-related patches under APACHE GROUP

2020-08-05 Thread Daniel Shahaf 
Subscribe to the announce@ mailing list. 
https://subversion.apache.org/mailing-lists

Re: COTS : [urgent] : Information required on security-related patches under APACHE GROUP

2020-08-05 Thread Andreas Stieger 
Hello Nandiraju,

 

You can't really assign action items to open source projects like that.

That being said, see http://subversion.apache.org/security/ and http://subversion.apache.org/docs/release-notes/

 

Andreas

 
 

Gesendet: Mittwoch, 05. August 2020 um 13:41 Uhr
Von: "Tanmayi, Nandiraju Sai" 
An: "users@subversion.apache.org" 
Cc: "B_VulnerabilityManagement" , "DL-INTVULMGMT" 
Betreff: COTS : [urgent] : Information required on security-related patches under APACHE GROUP




Hi Team,

 

We are from Vulnerability Management Team of Honeywell, We keep on track on applications those are running in Honeywell environment and ensure that they are running on secure version to avoid any security breach.

We contact to vendor of the application and if we get any information regarding security enhancement or fixes in higher version that Honeywell used version then we notify the application user for an upgrade.

 

We recognize your time is valuable so tell us the best way to learn about and obtain the latest security patches or software revisions/upgrades of your product :

 

Option #1: On a monthly basis, Honeywell can send an email inquiring if new security patches are available. 

Option #2: Provide Honeywell with an annual release schedule and we will contact you upon each release date.

Option #3: Notify Honeywell with the information related to the patch/version when such becomes available.

Option #4: Suggest alternate methods that your company uses to inform customers about software patches or revisions.

Option # 5: Provide us the website URL from where we can get the new version release information as well as release notes as a monthly basis.

 

 

Your action ::

· Please revert us with an option#

· Please fill up the table with the latest information available

· Inform us - Is there any security fixes/enhancements/updates available in any version between Latest Version and Honeywell used version or we can consider the HON version as secured ?

 


	
		
			
			Product Name
			
			
			Honeywell installed version
			
			
			Latest Market version
			
			
			Release Date of Latest Market version
			
			
			Website URL

			(where vendor publishes versions & release notes)
			
			
			End Of Support

			 (Honeywell having valid contract/ license with the vendor)
			
			
			End of Life

			(Of Honeywell installed version)
			
		
		
			
			AERO SVN RESTRICTED
			
			
			SVN 1.9.12
			
			
			?
			
			
			?
			
			
			?
			
			
			?
			
			
			?
			
		
	


 

We want to stay in touch to obtain new security patches or software revisions that Honeywell can implement accordingly. Keeping Honeywell systems secure and up to date are a major priority for the Honeywell Information Technology organization. 



 




Thanks & Stay Secure,

Nandiraju Sai Tanmayi

Vulnerability Management
Tata Consultancy Services | Contracted to Honeywell
Email:  nandirajusai.tanm...@honeywell.com
Disclaimer Notice
Please do not email any confidential or privileged information that may violate export control rules as I'm NOT authorized to view Export Controlled Data.

COTS : [urgent] : Information required on security-related patches under APACHE GROUP

2020-08-05 Thread Tanmayi, Nandiraju Sai 
Hi Team,


We are from Vulnerability Management Team of Honeywell, We keep on track on 
applications those are running in Honeywell environment and ensure that they 
are running on secure version to avoid any security breach.

We contact to vendor of the application and if we get any information regarding 
security enhancement or fixes in higher version that Honeywell used version 
then we notify the application user for an upgrade.



We recognize your time is valuable so tell us the best way to learn about and 
obtain the latest security patches or software revisions/upgrades of your 
product :



Option #1: On a monthly basis, Honeywell can send an email inquiring if new 
security patches are available.

Option #2: Provide Honeywell with an annual release schedule and we will 
contact you upon each release date.

Option #3: Notify Honeywell with the information related to the patch/version 
when such becomes available.

Option #4: Suggest alternate methods that your company uses to inform customers 
about software patches or revisions.

Option # 5: Provide us the website URL from where we can get the new version 
release information as well as release notes as a monthly basis.





Your action ::

· Please revert us with an option#

· Please fill up the table with the latest information available

· Inform us - Is there any security fixes/enhancements/updates 
available in any version between Latest Version and Honeywell used version or 
we can consider the HON version as secured ?



Product Name

Honeywell installed version

Latest Market version

Release Date of Latest Market version

Website URL

(where vendor publishes versions & release notes)

End Of Support

 (Honeywell having valid contract/ license with the vendor)

End of Life

(Of Honeywell installed version)

AERO SVN RESTRICTED

SVN 1.9.12

?

?

?

?

?



We want to stay in touch to obtain new security patches or software revisions 
that Honeywell can implement accordingly. Keeping Honeywell systems secure and 
up to date are a major priority for the Honeywell Information Technology 
organization.


Thanks & Stay Secure,

Nandiraju Sai Tanmayi

Vulnerability Management
Tata Consultancy Services | Contracted to Honeywell
Email:  
nandirajusai.tanm...@honeywell.com
Disclaimer Notice
Please do not email any confidential or privileged information that may violate 
export control rules as I'm NOT authorized to view Export Controlled Data.