[Owasp-portland] FLOSSHack/Ushahidi meet up

Tim tim.morgan at owasp.org
Thu Jul 12 22:28:56 UTC 2012


And after that, I will be sure to follow up with the full details of
all flaws found.  

Keep in mind that these issues are very real vulnerabilities in an
application deployed in the real world by third-parties.  A
responsible disclosure process typically involves keeping details of
flaws under wraps at least until patches are released.  While
FLOSSHack is a semi-public event, I certainly don't want to post all
of the vulnerability details on this mailing list yet.  Besides, it's
just a lot easier for me to wait on sending since the info on a lot of
flaws will continue to evolve.

tim



On Thu, Jul 12, 2012 at 02:33:08PM -0700, Wil Clouser wrote:
> The issues were sent to the Ushahidi team who is digesting them and
> fixing them.  I expect them to come out on security.ushahidi.com as
> the fixes come out in the code.
> 
> Wil
> 
> On Thu, Jul 12, 2012 at 2:28 PM, David Pirolo
> <webmaster at warnerpacific.edu> wrote:
> > Did I miss the email with the issues that were found?
> > -David
> >
> > On Thu, 2012-07-12 at 14:18 -0700, Wil Clouser wrote:
> >> Hi folks,
> >>
> >> I've spoken with some people from Ushahidi and they appreciate the
> >> work that went into the FLOSSHack - thanks to everyone that
> >> participated.  A few of them will be in town next week for OSCON and
> >> wanted to connect with the local community.  They are planning a
> >> casual meet up next Friday (July 20th).  Time and location are still
> >> getting sorted out but the meetup page is
> >> http://www.meetup.com/Ushahidi-Community/ and you're invited.  If you
> >> know people who came to the FLOSSHack but aren't on this list please
> >> forward this on.
> >>
> >> Cheers,
> >>
> >> Wil
> >> _______________________________________________
> >> Owasp-portland mailing list
> >> Owasp-portland at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-portland
> >
> >
> _______________________________________________
> Owasp-portland mailing list
> Owasp-portland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-portland


More information about the Owasp-portland mailing list