[Esapi-user] ESAPI 2.0 rc10
jim.manico at owasp.org
Mon Oct 18 11:52:54 EDT 2010
The OWASP ESAPI (Enterprise Security API) Library version 2.0 rc10 for Java
1.5+ and above is now live!
You may download the complete zip file here:
You may browse the ESAPI 2.0 rc10 Javadocs here:
Major enhancements include:
1) First official release to maven central
2) Provided ability to disable automatic canonicalization for
validation + disabled canonicalization for AntiSamy validation
3) Fixed deadlock issues in the DefaultExecutor
4) Multiple enhancements to the Encryptor implementation and
5) Multiple fixes to ensure Java 1.5 compatibility
6) Added an implementation of EncryptedProperties that extends
7) Added new command-line utility to create, read and write
A special thanks to Chris Schmidt for automating our build processes and
registering the ESAPI project with Maven central. Way to go, Chris!
Additional thanks go to Kevin Wall, August Detlefsen, Ed Schaller, Patrick
Higgins and John Melton for their contributions in this release.
ESAPI 2.0 rc10 is a giant milestone for our project. We are very close to
promoting ESAPI to general availability. The NSA has completed their review
of the ESAPI encryptor reference implementation and will be publishing those
results soon. This report, if positive, will give us the assurance we need
to promote ESAPI 2.0 to General Availability.
Malama Pono Aloha,
OWASP Podcast Host/Producer
OWASP ESAPI Project Manager
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Esapi-user