|
Chris, > Or am I missing something? You've overlooked the uPortal community practice of addressing security vulnerability concerns to [EMAIL PROTECTED] to be discreetly addressed before it becomes public knowledge, and to the JA-SIG Board if for whatever reason the security contact group drops the ball. Please forward your concerns there and you can work with the SCG to see how they relate to security patches that may be in progress and or that need to be put into progress ASAP in response to these concerns. Andrew ... This could be used to retrieve sensitive information or forward requests containing any number of remote exploit attempts.Or am I missing something? -- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/uportal-dev |
- [uportal-dev] HttpProxyServlet Security Chris Hubick
- [uportal-dev] On handling concerns about security vulner... Andrew Petro
- Re: [uportal-dev] HttpProxyServlet Security Brad Johnson
