[Owasp-codereview] Code Review Guide 2.0 alpha release

Larry Conklin larry.conklin at owasp.org
Fri Jun 10 12:36:16 UTC 2016


Leopold,
In this release nginX will not be covered. As far as vulnerabilities in
nginx goes you can refer to http://nginx.org/en/security_advisories.html

Apache Wicket news page does describe two vulnerabilities.
https://wicket.apache.org/#news

Larry Conklin, CISSP



On Fri, Jun 10, 2016 at 4:56 AM, Zyka Leopold <Leopold.Zyka at ama.gv.at>
wrote:

> Dear code review team,
>
>
>
> I am not sure if this ist he right place for my questions.
>
> In our Javaapplication we use Wicket as the webframework.
>
>
>
> I have two questions:
>
>
>
> 1)      Apache Wicket
> Using Checkmarx for static code analysis brought up the question how
> secure is Apache Wicket ?
>
> 2)      NginX
>
>                We moved from Tomcat to Jetty which is covered in the
> document.
>                We also moved from IIS (in front) to NginX
>
> ð  Will there be a chapter about NginX ?
>
>
>
> regards,
>
> Leopold
>
>
>
> Der Austausch von Nachrichten mit o.a. Absender via E-Mail dient
> ausschließlich Informationszwecken und ist rechtlich nicht bindend.
>
>
>
> _______________________________________________
> Owasp-codereview mailing list
> Owasp-codereview at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-codereview
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-codereview/attachments/20160610/1f5ee856/attachment.html>


More information about the Owasp-codereview mailing list