On 1 September 2014 04:53, Stefan Bodewig <bode...@apache.org> wrote: > On 2014-09-01, sebb wrote: > >> Might be useful to add a link to the security page under "General >> Information". > > Right. > > >> The page mentions denial of service - not sure that applies to any of >> the Commons components? > > The one issue with Compress could be used for a DoS attack.
I think that would require that Compress was being used as part of a service, e.g. in Tomcat. It it was part of a stand-alone app this would not be classed as a DOS. I'm not insisting that this phrase be removed, but it seems out of place to me for library components. > Stefan > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
