Re: [milo-dev] Eclipse-Milo security report with JFROG

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [milo-dev] Eclipse-Milo security report with JFROG

From: Kevin Herron <kevinherron@xxxxxxxxx>
Date: Tue, 10 May 2022 05:58:51 -0700
Delivered-to: milo-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/milo-dev/>
List-help: <mailto:milo-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/milo-dev>, <mailto:milo-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/milo-dev>, <mailto:milo-dev-request@eclipse.org?subject=unsubscribe>

None of those affect Milo directly, but regardless Netty was upgraded to 4.1.75.Final in Milo version 0.6.5.

On Tue, May 10, 2022 at 12:57 AM RB, Pramod Kumar <pramodkumar.rb@xxxxxxxxxxxxxxxx> wrote:

Hello milo dev team, Kevin Herron,

We got few critical, high and medium security issue after performing security scan on the milo sdk, can we get support/upgrades to fix the versions as mentioned in attached security scan report.

Regards,

Pramod

From: Chakraborty, Debapriyo <debapriyo.chakraborty@xxxxxxxxxxxxxxxx>
Date: Thursday, 5 May 2022 at 4:59 PM
To: milo-dev@xxxxxxxxxxx <milo-dev@xxxxxxxxxxx>
Cc: PAUL, SOURAV <sourav.paul2@xxxxxxxxxxxxxxxx>, Ganeshan, Ashwini <ashwini.ganeshan@xxxxxxxxxxxxxxxx>, RB, Pramod Kumar <pramodkumar.rb@xxxxxxxxxxxxxxxx>, S, Shyamsundar <shyamsundar.s@xxxxxxxxxxxxxxxx>
Subject: FW: Eclipse-Milo security report with JFROG

Hi,

Forwarding the mail after creating the account in eclipse.org

We are using 0.6.3 version of Eclipse-milo in our project.

During the report generation with JFROG we found some critical, high and medium Security issue.

PFA for more information of the components and the version we are using.

Kindly suggest the solution / upgrades that we can perform from our end if possible.

If there is anything that needs to be done from your end please do the needful and keep us informed.

Thanks and Regards

Debapriyo Chakraborty

Email id: debapriyo.chakraborty@xxxxxxxxxxxxxxxx

Thermo Fisher Scientific

From: Chakraborty, Debapriyo <debapriyo.chakraborty@xxxxxxxxxxxxxxxx>
Date: Thursday, 5 May 2022 at 4:54 PM
To: milo-dev@xxxxxxxxxxx <milo-dev@xxxxxxxxxxx>
Cc: PAUL, SOURAV <sourav.paul2@xxxxxxxxxxxxxxxx>, RB, Pramod Kumar <pramodkumar.rb@xxxxxxxxxxxxxxxx>, S, Shyamsundar <shyamsundar.s@xxxxxxxxxxxxxxxx>, Ganeshan, Ashwini <ashwini.ganeshan@xxxxxxxxxxxxxxxx>
Subject: Eclipse-Milo security report with JFROG

Hi,

We are using 0.6.3 version of Eclipse-milo in our project.

During the report generation with JFROG we found some critical, high and medium Security issue.

PFA for more information of the components and the version we are using.

Kindly suggest the solution / upgrades that we can perform from our end if possible.

If there is anything that needs to be done from your end please do the needful and keep us informed.

Thanks and Regards

Debapriyo Chakraborty

Email id: debapriyo.chakraborty@xxxxxxxxxxxxxxxx

Thermo Fisher Scientific

Follow-Ups:
- Re: [milo-dev] Eclipse-Milo security report with JFROG
  - From: RB, Pramod Kumar

References:
- Re: [milo-dev] Eclipse-Milo security report with JFROG
  - From: RB, Pramod Kumar

Prev by Date: Re: [milo-dev] Eclipse-Milo security report with JFROG
Next by Date: Re: [milo-dev] Eclipse-Milo security report with JFROG
Previous by thread: Re: [milo-dev] Eclipse-Milo security report with JFROG
Next by thread: Re: [milo-dev] Eclipse-Milo security report with JFROG
Index(es):
- Date
- Thread

Breadcrumbs