Hi,
I just want to make sure that all security mailing group users have received Riyaz’s letter (twice now) about security vulnerabilities and maybe some of them are goiing to be addressed? He said in the last letter, that those will be disclosed on November 15. So, is someone doing anything about this or has replied to Riyaz at least?
One who did receive them may want to either create a private discussion or a private JIRA issue. I usually don’t use my email client so I’m not on this mailing list. I’d prefer to get these issues posted in a private space/group ( similar to my WEB-17 comment).
Hi wroot,
Yes indeed. His note just expands on the current CVE open for openfire.
daryl