Absolutely. We should be proactive about stuff like that. Be sure to cc Sally with whatever you do.
On 07/18/2016 10:14 AM, William A Rowe Jr wrote: > In response to https://httpoxy.org/ (which has no actual ASF > vulnerability we are aware of) the HTTP, Tomcat and ATS projects > collected feedback, along with validation from the Perl project; > > https://www.apache.org/security/asf-httpoxy-response.txt > > Does it make sense to blog this, or at least R/T from @TheASF? > -- Rich Bowen - rbo...@rcbowen.com - @rbowen http://apachecon.com/ - @apachecon
signature.asc
Description: OpenPGP digital signature