[Owasp-japan] Fwd: [Owasp-leaders] OWASP dependency-check 1.2.10 released!​

Riotaro OKADA riotaro @ gmail.com
2015年 4月 14日 (火) 01:55:59 UTC


---------- Forwarded message ----------
From: "Jeremy Long" <jeremy.long at owasp.org>
Date: Tue, Apr 14, 2015 at 7:39 AM
Subject: [Owasp-leaders] OWASP dependency-check 1.2.10 released!
To: "owasp-leaders" <owasp-leaders at lists.owasp.org>

> All,
> The OWASP dependency-check team is pleased to announce the release of
> version 1.2.10! Please visit the documentation site
> <http://jeremylong.github.io/DependencyCheck/> for information on obtaining
> the new version (CLI
> <http://jeremylong.github.io/DependencyCheck/dependency-check-cli/installation.html>
> , Maven Plugin
> <http://jeremylong.github.io/DependencyCheck/dependency-check-maven/usage.html>
> , Ant Task
> <http://jeremylong.github.io/DependencyCheck/dependency-check-ant/installation.html>
> , Jenkins Plugin
> <https://wiki.jenkins-ci.org/display/JENKINS/OWASP+Dependency-Check+Plugin>
> ).
> Summary of changes:
>    - New logo thanks to Hugo Costa!!!
>    - Fixed issue 210 that caused a different number of findings to be
>    identified under Java 7 vs. Java 8. The issue was JAXB parsing of the POM
>    works better under Java 8 - to avoid this and other JAXB issues the POM.xml
>    parser was written using a SAX handler to only extract the needed elements.
>    - Resolved issue #206 - the Evidence comparison had some incorrect logic
>    that caused the hint analyzer to think some JAR files were related to the
>    Spring Framework.
>    - Resolved issues with Nexus APIs including ensuring that the SHA1
>    hashes were lower case (issue 202) and the redirects from a local Nexus
>    will be correctly followed so that the POM.xml file can be correctly
>    downloaded.
>    - Added an update only option to the CLI and Ant Task and added an
>    update-only goal to the Maven plugin.
> Again, thanks for the PRs and please open a github issue if you find any
> false positives or false negatives.
> Best Regards,
> The OWASP dependency-check team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-japan/attachments/20150413/3f432a7e/attachment-0001.html>


More information about the Owasp-japan mailing list