There is an interesting paper on the Sonotype site. http://www.sonatype.com/Products/Sonatype-Insight/Why-Insight/Mitigate-Security-Risks/Security-Brief
Tapestry is listed in the top open source downloads with a security vulnerability. Unfortunately they don't say what version or what the vulnerability is but it does have an interesting chart with download numbers. Personally I'm not too worried about this because I think every piece of software has problems so you fix them and move on. One point I'd agree with using old versions with known issues is a problem. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Sonotype-Security-Brief-tp5606474p5606474.html Sent from the Tapestry - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
