Open mohanramakrishna opened 5 years ago
luigidellaquila
commented
5 years ago Hi @mohanramakrishna
V 2.1.16 is no longer supported (for a long time), so we cannot execlude security problems. My advice is to upgrade to v 3.0.x as soon as possible
Thanks
Luigi
mohanramakrishna
commented
5 years ago Hi Luigi, Thanks for getting back on this issue. Could you also let us know the security patches/fixes that were done after 2.1.16 ? if you can provide that documentation, that will be really helpful.
Thanks
From: luigidellaquila notifications@github.com Sent: Tuesday, August 13, 2019 1:41 AM To: orientechnologies/prjhub prjhub@noreply.github.com Cc: Ramakrishna, Mohan X mohan.x.ramakrishna@ampf.com; Mention mention@noreply.github.com Subject: [EXTERNAL] Re: [orientechnologies/prjhub] Security concerns on Orient version 2.1.16 (#101)
CAUTION: This email is from outside the organization. DO NOT CLICK a link or open an attachment unless you know the content is safe and are expecting it from the sender. If in doubt, contact the sender separately to verify the content.
Hi @mohanramakrishnahttps://github.com/mohanramakrishna
V 2.1.16 is no longer supported (for a long time), so we cannot execlude security problems. My advice is to upgrade to v 3.0.x as soon as possible
Thanks
Luigi
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/orientechnologies/prjhub/issues/101?email_source=notifications&email_token=AFZPDWZSZYLSW6MVDG66IVDQEJJQBA5CNFSM4ILHANM2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4EWKPQ#issuecomment-520709438, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AFZPDW2ZL2BFJJLVYUVT2MTQEJJQBANCNFSM4ILHANMQ.
** "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you." **
mohanramakrishna
commented
5 years ago To be specific, we are looking for any security flaws identified for version 2.1.16 and if yes, details of the patch(es). Please detail out if the patch was combined in an elevated version instead of just a stand alone patch. Thanks.
Vijay Kumar Raghu Software Engineer, Digital Technologies - Data & Services .................................. O: 612.671.5046 Ameriprise Financial 2085, Ameriprise Financial Center, Minneapolis, MN 55474 [Website]http://www.ameriprise.com/[Facebook]http://www.facebook.com/ameriprise[YouTube]http://www.youtube.com/ameriprise [LOGO]http://www.ameriprise.com/
From: Ramakrishna, Mohan X mohan.x.ramakrishna@ampf.com Sent: Tuesday, August 13, 2019 10:34 PM To: orientechnologies/prjhub reply@reply.github.com; orientechnologies/prjhub prjhub@noreply.github.com Cc: Mention mention@noreply.github.com; Shreve, Romy romy.shreve@ampf.com; Raghu, Vijay Vijay.Raghu@ampf.com; Chandra, Kailash Kailash.Chandra@ampf.com; Shukla, Jay Jay.Shukla@ampf.com Subject: RE: [EXTERNAL] Re: [orientechnologies/prjhub] Security concerns on Orient version 2.1.16 (#101)
Hi Luigi, Thanks for getting back on this issue. Could you also let us know the security patches/fixes that were done after 2.1.16 ? if you can provide that documentation, that will be really helpful.
Thanks
From: luigidellaquila notifications@github.com<mailto:notifications@github.com> Sent: Tuesday, August 13, 2019 1:41 AM To: orientechnologies/prjhub prjhub@noreply.github.com<mailto:prjhub@noreply.github.com> Cc: Ramakrishna, Mohan X mohan.x.ramakrishna@ampf.com<mailto:mohan.x.ramakrishna@ampf.com>; Mention mention@noreply.github.com<mailto:mention@noreply.github.com> Subject: [EXTERNAL] Re: [orientechnologies/prjhub] Security concerns on Orient version 2.1.16 (#101)
CAUTION: This email is from outside the organization. DO NOT CLICK a link or open an attachment unless you know the content is safe and are expecting it from the sender. If in doubt, contact the sender separately to verify the content.
Hi @mohanramakrishnahttps://github.com/mohanramakrishna
V 2.1.16 is no longer supported (for a long time), so we cannot execlude security problems. My advice is to upgrade to v 3.0.x as soon as possible
Thanks
Luigi
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/orientechnologies/prjhub/issues/101?email_source=notifications&email_token=AFZPDWZSZYLSW6MVDG66IVDQEJJQBA5CNFSM4ILHANM2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4EWKPQ#issuecomment-520709438, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AFZPDW2ZL2BFJJLVYUVT2MTQEJJQBANCNFSM4ILHANMQ.
** "This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you." **
Hi, We are currently using old version of orient (2.1.16). We would like to know if we have any security concern on this version ? Please let us know.