Hi Team,
We have run vulnerability checks on DHIS dependencies using the
dependency-check maven plugin. This plugin wraps the OWASP Dependency Check
utility which uses NIST’s National Vulnerability Database (NVD) to identify
the vulnerable dependencies.
Please find the report attached. Did anyone run this kind of vulnerability
scan earlier. Any comments please?
Thanks
Aamer.
Where is the report ?
On Thu, Oct 27, 2016 at 2:30 PM, Aamer Mohammed aamerm@thoughtworks.com wrote:
Hi Team,
We have run vulnerability checks on DHIS dependencies using the
dependency-check maven plugin. This plugin wraps the OWASP Dependency Check
utility which uses NIST’s National Vulnerability Database (NVD) to identify
the vulnerable dependencies.
Please find the report attached. Did anyone run this kind of vulnerability
scan earlier. Any comments please?
Thanks
Aamer.
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
–
Best Regards,
Brajesh Murari,
Postgraduate, Dept of CSE,
Chaudhary Devi Lal University, Sirsa,
India.
The three basic dimensions of human development: a long and healthy life, access to knowledge, and a decent standard of living.
There is no attachment.
On Thu, Oct 27, 2016 at 11:00 AM, Aamer Mohammed aamerm@thoughtworks.com wrote:
Hi Team,
We have run vulnerability checks on DHIS dependencies using the
dependency-check maven plugin. This plugin wraps the OWASP Dependency Check
utility which uses NIST’s National Vulnerability Database (NVD) to identify
the vulnerable dependencies.
Please find the report attached. Did anyone run this kind of vulnerability
scan earlier. Any comments please?
Thanks
Aamer.
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
–
Halvdan Hoem Grelland
Software developer, DHIS 2
University of Oslo
Please find the attached file.
dependency-check-report.html.zip (342 KB)
On Thu, Oct 27, 2016 at 4:34 PM, Halvdan Hoem Grelland halvdan@dhis2.org wrote:
There is no attachment.
–
On Thu, Oct 27, 2016 at 11:00 AM, Aamer Mohammed aamerm@thoughtworks.com wrote:
Hi Team,
We have run vulnerability checks on DHIS dependencies using the
dependency-check maven plugin. This plugin wraps the OWASP Dependency Check
utility which uses NIST’s National Vulnerability Database (NVD) to identify
the vulnerable dependencies.
Please find the report attached. Did anyone run this kind of vulnerability
scan earlier. Any comments please?
Thanks
Aamer.
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
Halvdan Hoem Grelland
Software developer, DHIS 2
University of Oslo
–
Thanks & Regards,
Nalinikanth M
Quality Analyst
Email
nalinim@thoughtworks.com
Telephone
+91 9052234588
Yes, I have been running regular AppScans against DHIS2 and sharing the results with the core team.
Greg
On Oct 27, 2016 6:14 AM, “Aamer Mohammed” aamerm@thoughtworks.com wrote:
Hi Team,
We have run vulnerability checks on DHIS dependencies using the
dependency-check maven plugin. This plugin wraps the OWASP Dependency Check
utility which uses NIST’s National Vulnerability Database (NVD) to identify
the vulnerable dependencies.
Please find the report attached. Did anyone run this kind of vulnerability
scan earlier. Any comments please?
Thanks
Aamer.
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
Could you provide us some details, how you generated this report ?
Regards,
On Thu, Oct 27, 2016 at 4:36 PM, Nalinikanth Meesala nalinim@thoughtworks.com wrote:
Please find the attached file.
Mailing list: https://launchpad.net/~dhis2-users
Post to : dhis2-users@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-users
More help : https://help.launchpad.net/ListHelp
–
On Thu, Oct 27, 2016 at 4:34 PM, Halvdan Hoem Grelland halvdan@dhis2.org wrote:
There is no attachment.
Thanks & Regards,
Nalinikanth M
Quality Analyst
Email
nalinim@thoughtworks.com
Telephone
+91 9052234588
–
On Thu, Oct 27, 2016 at 11:00 AM, Aamer Mohammed aamerm@thoughtworks.com wrote:
Hi Team,
We have run vulnerability checks on DHIS dependencies using the
dependency-check maven plugin. This plugin wraps the OWASP Dependency Check
utility which uses NIST’s National Vulnerability Database (NVD) to identify
the vulnerable dependencies.
Please find the report attached. Did anyone run this kind of vulnerability
scan earlier. Any comments please?
Thanks
Aamer.
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
Halvdan Hoem Grelland
Software developer, DHIS 2
University of Oslo
–
Best Regards,
Brajesh Murari,
Postgraduate, Dept of CSE,
Chaudhary Devi Lal University, Sirsa,
India.
The three basic dimensions of human development: a long and healthy life, access to knowledge, and a decent standard of living.
It seems more like a system generated report, Perhaps, it would be nice if you could share us some concrete plan for doing some testing on DHIS2.25 like manual testing, automation testing, regression testing, load testing, black box and white box functional testing etc. and that should be very appreciable much required to all the developers working actively on DHIS2.
thank you.
On Thu, Oct 27, 2016 at 4:40 PM, Greg Wilson gwilson@baosystems.com wrote:
Yes, I have been running regular AppScans against DHIS2 and sharing the results with the core team.
Greg
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
–
On Oct 27, 2016 6:14 AM, “Aamer Mohammed” aamerm@thoughtworks.com wrote:
Hi Team,
We have run vulnerability checks on DHIS dependencies using the
dependency-check maven plugin. This plugin wraps the OWASP Dependency Check
utility which uses NIST’s National Vulnerability Database (NVD) to identify
the vulnerable dependencies.
Please find the report attached. Did anyone run this kind of vulnerability
scan earlier. Any comments please?
Thanks
Aamer.
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
Best Regards,
Brajesh Murari,
Postgraduate, Dept of CSE,
Chaudhary Devi Lal University, Sirsa,
India.
The three basic dimensions of human development: a long and healthy life, access to knowledge, and a decent standard of living.