[Esapi-user] State of affairs

Sverre Aleksandersen sverre.aleksandersen at gmail.com
Thu Nov 6 16:23:43 UTC 2014


I’m looking at ESAPI as part of a school project.
After reading Kevin Walls blog post (http://off-the-wall-security.blogspot.no/2014/03/esapi-no-longer-owasp-flagship-project.html <http://off-the-wall-security.blogspot.no/2014/03/esapi-no-longer-owasp-flagship-project.html>) and stackoverflow post (http://stackoverflow.com/questions/23396171/to-wrap-or-not-to-wrap-esapi/23575210#23575210 <http://stackoverflow.com/questions/23396171/to-wrap-or-not-to-wrap-esapi/23575210#23575210>) I’m wondering of ESAPIs state of affairs.
Has it or will it be removed as a OWASP flagship project?
Looking at the latest commit’s on github, it seems that theres at least some activity.
What about CVE-2013-5960 and CVE-2013-5679? Have they been resolved? 
Any new releases planned?

I’m struggling to find up-to-date information about ESAPI and it’s future.

Best regards,
Sverre Aleksandersen

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20141106/04aa29fd/attachment.html>

More information about the Esapi-user mailing list