Absolutely. We should be proactive about stuff like that. Be sure to cc
Sally with whatever you do.

On 07/18/2016 10:14 AM, William A Rowe Jr wrote:
> In response to https://httpoxy.org/ (which has no actual ASF
> vulnerability we are aware of) the HTTP, Tomcat and ATS projects
> collected feedback, along with validation from the Perl project;
> 
> https://www.apache.org/security/asf-httpoxy-response.txt
> 
> Does it make sense to blog this, or at least R/T from @TheASF?
> 


-- 
Rich Bowen - rbo...@rcbowen.com - @rbowen
http://apachecon.com/ - @apachecon

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to