In response to https://httpoxy.org/ (which has no actual ASF
vulnerability we are aware of) the HTTP, Tomcat and ATS projects
collected feedback, along with validation from the Perl project;
https://www.apache.org/security/asf-httpoxy-response.txt
Does it make sense to blog this, or at least R/T
Absolutely. We should be proactive about stuff like that. Be sure to cc
Sally with whatever you do.
On 07/18/2016 10:14 AM, William A Rowe Jr wrote:
> In response to https://httpoxy.org/ (which has no actual ASF
> vulnerability we are aware of) the HTTP, Tomcat and ATS projects
> collected feedbac
I'm happy to do this, but if someone is already set up with blogs.apache.org,
please feel free to beat me to it, I am not set up at the moment
On Jul 18, 2016 11:03 AM, "Rich Bowen" wrote:
Absolutely. We should be proactive about stuff like that. Be sure to cc
Sally with whatever you do.
On 07/
Oh, I see. I misunderstood. You want to post it as is, or did you want to
add commentary? I have access.
On Jul 18, 2016 2:40 PM, "William A Rowe Jr" wrote:
> I'm happy to do this, but if someone is already set up with
> blogs.apache.org,
> please feel free to beat me to it, I am not set up at
No commentary required, but feel free to edit (including the source text
under www.a.o/security/) and add commentary as you see fit.
On Jul 18, 2016 4:57 PM, "Rich Bowen" wrote:
> Oh, I see. I misunderstood. You want to post it as is, or did you want to
> add commentary? I have access.
>
> On J
