: what they were). Solr had cross-site scripting issues in its JSP
: pages, which I think are now all fixed (?).
SOLR-74, just resolved.
I don't know if i'd really call them XSS issues: they are on the admin
pages; if a malicious user has access to them, you've got bigger problems
then them
On Dec 16, 2006, at 3:44 AM, Chris Hostetter wrote:
: what they were). Solr had cross-site scripting issues in its JSP
: pages, which I think are now all fixed (?).
SOLR-74, just resolved.
I don't know if i'd really call them XSS issues: they are on the admin
pages; if a malicious user has
: Re: Lucene code review
Hi Erik, thanks for the intro. I'd be happy to set up an account
for anyone
involved with the projects who'd like to take a look. (Because we're
checking for security problems, we don't share specific findings
with the
general public.)
Erik is right, from Lucene
[EMAIL PROTECTED], Gary McGraw [EMAIL PROTECTED]
Subject: Re: Lucene code review
On Dec 13, 2006, at 1:00 AM, Otis Gospodnetic wrote:
Just spotted this on Slashdot: http://
opensource.fortifysoftware.com/welcome.html
I wonder what the 3 defects they found and reviewed are... I don't
see
]
Subject: Re: Lucene code review
On Dec 13, 2006, at 1:00 AM, Otis Gospodnetic wrote:
Just spotted this on Slashdot: http://
opensource.fortifysoftware.com/welcome.html
I wonder what the 3 defects they found and reviewed are... I don't
see a way to see them from their site.
I had an early peek
Erik Hatcher wrote:
I have an account and I recommend at least a couple of the really active
committers sign on as well. Yonik for sure! ;) Doug, of course (if he
wants). Anyone else?
I am interested check out Nutch.
--
Sami Siren
Brian Chess wrote:
I'd be happy to set up an account for anyone
involved with the projects who'd like to take a look. (Because we're
checking for security problems, we don't share specific findings with the
general public.)
Thanks for doing this, Brian.
One possibility would be to generate
On Dec 13, 2006, at 1:00 AM, Otis Gospodnetic wrote:
Just spotted this on Slashdot: http://
opensource.fortifysoftware.com/welcome.html
I wonder what the 3 defects they found and reviewed are... I don't
see a way to see them from their site.
I had an early peek at the Fortify analysis of
Just spotted this on Slashdot:
http://opensource.fortifysoftware.com/welcome.html
I wonder what the 3 defects they found and reviewed are... I don't see a way to
see them from their site.
Otis
-
To unsubscribe, e-mail:
Hi,
Indeed, I am very impressed by the fact that both the Nutch and Lucene
scored best of all considered project in the survey.
Congratulations to the community!
Lukas
On 12/13/06, Otis Gospodnetic [EMAIL PROTECTED] wrote:
Just spotted this on Slashdot:
10 matches
Mail list logo