[Esapi-user] State of affairs
chrisisbeef at gmail.com
Thu Nov 6 17:48:17 UTC 2014
The ESAPI project is still kicking - we are in active development for ESAPI
3.0 currently ( https://github.com/ESAPI/esapi-java ) and the 2.x code from
Google Code has been moved to GitHub (
Kevin is working with some folks on fixing bugs in the 2.x branch and we
are in the process of spinning up a new Confluence and JIRA on Atlassian
On-Demand. We also have our CI hosted at cloudbees (
AFAIK (Kevin can verify) CVE-2013-5960 and CVE-2013-5679 are fixed in
source, and we were awaiting a few final bug-fixes to issue a new release.
Thanks! Let us know if you have additional questions!
On Thu, Nov 6, 2014 at 9:23 AM, Sverre Aleksandersen <
sverre.aleksandersen at gmail.com> wrote:
> I’m looking at ESAPI as part of a school project.
> After reading Kevin Walls blog post (
> and stackoverflow post (
> I’m wondering of ESAPIs state of affairs.
> Has it or will it be removed as a OWASP flagship project?
> Looking at the latest commit’s on github, it seems that theres at least
> some activity.
> What about CVE-2013-5960 and CVE-2013-5679? Have they been resolved?
> Any new releases planned?
> I’m struggling to find up-to-date information about ESAPI and it’s future.
> Best regards,
> Sverre Aleksandersen
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
OWASP ESAPI Developer
Check out OWASP ESAPI for Java
Yet Another Developers Blog
Bio and Resume
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Esapi-user