Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cft-dev] Security Vulnerabilities in Eclipse CloudFoundry 1.2.3.v201805291812
  • From: Nieraj Singh <nierajsingh@xxxxxxxxxx>
  • Date: Wed, 10 Mar 2021 23:27:06 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=vmware.com; dmarc=pass action=none header.from=vmware.com; dkim=pass header.d=vmware.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2t77bzG5soo4Xy/y0frbRQ7gvjLq2GSw1ZgzxqF6lG8=; b=Xel4W7a8+Avr1KBr47m+pH16WW6hgD5jdPX60Fy+uuULRSQ6jy6KJ4AliP4sdnPhTVGaa+utT1yCWlKc10sra4za5RDYZ4oiDNBq5suPJXThoKwdX2nO95rclqVnF4LBdnXi34v8a+2vyATbFhFOnAV0fa/1gUikxFJOwPmIjJo/t3D58fDk9PmyjyZ5xJcqbB94iwz2VCfXbbcCFywZ8LE3QY+RjLs/zqfU2ETlWxdpKwLUAWp49uVic4AwKy7KmyZR8Or+vG11LQlnNHxFn8cAyHCdHkUUo4NzRWuXsbb2PFxes8BkDs/2QI0rDWuQRXaFXhYH6b6PJ6KfF3qKpg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Pae/UITzqVxgYx2jHq6zkrXoEl3+PUV6YMsqzGe41z3S4RUnTHHt+C1BWRhx8mzXdz2kYYma1PTrD1cWtP090ioj8g8N7kQQed0tcLmKtnASdakcc4frxYdQ5OkuiYbd1ecuSyudtXwbS0gxbh5hhhU82GlN3c617T3dhIcv1l1adsP+rV8KRsplXfuq9zWw/ZMII1EQlYZB0qShyFm3/CZcf/MLxKmkTeippEvtBAhZsKzhCbREFiZ6P03KhRK1m3sdsG2iTgKBo4oKq7VPCIxKTP9ACsbwLrutS7oqlNpf07Y2t3nvKuKvx31IZsYX+CUzizbjgwucW0Rmo0SQsg==
  • Delivered-to: cft-dev@xxxxxxxxxxx
  • List-archive: <https://www.eclipse.org/mailman/private/cft-dev/>
  • List-help: <mailto:cft-dev-request@eclipse.org?subject=help>
  • List-subscribe: <https://www.eclipse.org/mailman/listinfo/cft-dev>, <mailto:cft-dev-request@eclipse.org?subject=subscribe>
  • List-unsubscribe: <https://www.eclipse.org/mailman/options/cft-dev>, <mailto:cft-dev-request@eclipse.org?subject=unsubscribe>
  • Thread-index: AdcOzvwCtF32Buh9QLGowqMmTFjHBwHNJ8Z7
  • Thread-topic: Security Vulnerabilities in Eclipse CloudFoundry 1.2.3.v201805291812
Hi,

Thanks for your message regarding the security vulnerabilities in CFT. Unfortunately, the product is no longer supported and it is no longer part of the Eclipse release train. 

However, I am still a committer for the project and can merge Pull Requests, and make changes available in a CFT snapshot build:


If you can let me know which jars have vulnerabilities, or alternately if you like to submit a PR with the changes,  I can make sure the changes are available in a snapshot build.

Thank you very much for let me know about this issue,

-Nieraj
From: cft-dev <cft-dev-bounces@xxxxxxxxxxx> on behalf of Jaime Barragan <jaime.barragan@xxxxxxx>
Sent: Monday, March 1, 2021 11:20 AM
To: cft-dev@xxxxxxxxxxx <cft-dev@xxxxxxxxxxx>
Cc: Manuel Sebastian Parrao Alcntara <ManuelSebasti.Parra@xxxxxxx>; Kalena Blue <kalena.blue@xxxxxxx>
Subject: [cft-dev] Security Vulnerabilities in Eclipse CloudFoundry 1.2.3.v201805291812
 

Hello CFT Team, I am Jaime Villasenor I am part of the HCL Rational Application Developer Team I am contacting you because we are seeing multiples vulnerabilities in the latest version of Eclipse CloudFoundry, the security issue are related with some JAR that are included into the product.

Are you still supporting the product? Or do you know who is the correct guy to contact?

Regards

Jaime Villasenor

::DISCLAIMER::
The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents (with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates. Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of authorized representative of HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any email and/or attachments, please check them for viruses and other defects.

Back to the top