[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[THREDDS #OJG-162986]: RE: Potential vulnerability - item #2

Subject: [THREDDS #OJG-162986]: RE: Potential vulnerability - item #2
Date: Wed, 20 Dec 2023 14:28:01 -0700

Hello,

I was able to reproduce both vulnerabilities that you reported using the
latest version of the TDS. I'm working on fixes now and will send an update
when they are complete. Thanks again for providing this info!

Megan

On Wed, Dec 20, 2023 at 1:00 PM Brown, Mitchell E (Mitch) CIV USARMY
CEERD-CHL (USA) <address@hidden> wrote:

> New Client Reply: RE: Potential vulnerability - item #2
>
> Thanks.  I downloaded and have been using the Snapshot for a while, but I
> never know if there has been a newer Snapshot since there is no date.  Is
> the Snapshot for 5.5 updated regularly?
>
> Mitch
>
> -----Original Message-----
> From: Unidata THREDDS Support <address@hidden>
> Sent: Wednesday, December 20, 2023 2:37 PM
> address@hidden>
> Cc: address@hidden
> Subject: [Non-DoD Source] [THREDDS #OJG-162986]: RE: Potential
> vulnerability - item #2
>
> Hello Mitchell,
>
> Thank you for sending us this information!  We've opened a ticket
> regarding this issue that was reported in both of your emails.  To report
> further information about this particular issue, or to ask questions,
> please respond to this email and it will be logged in our ticketing system
> with the rest of the information you provided.
>
> While the team is examining the specifics of the issues you reported, we
> encourage you to download and use the TDS 5.5-SNAPSHOT release, which
> receives regular security updates:
>
> Blockedhttps://downloads.unidata.ucar.edu/tds/5.5/thredds-5.5-SNAPSHOT.war
>
> Please let us know if you have any questions!
>
> Best,
> THREDDS Support
>
>
> Ticket Details
> ===================
> Ticket ID: OJG-162986
> Department: Support THREDDS
> Priority: Normal
> Status: Open
> ===================
> NOTE: All email exchanges with NSF Unidata User Support are recorded in
> the Unidata inquiry tracking system and then made publicly available
> through the web.  If you do not want to have your interactions made
> available in this way, you must let us know in each email you send to us.
>
>
>
>
>
> Ticket Details
> ===================
> Ticket ID: OJG-162986
> Department: Support THREDDS
> Priority: Normal
> Status: Open
> Link:
> https://andy.unidata.ucar.edu/staff/index.php?_m=tickets&_a=viewticket&ticketid=34633
>
>



Ticket Details
===================
Ticket ID: OJG-162986
Department: Support THREDDS
Priority: Normal
Status: Open
===================
NOTE: All email exchanges with NSF Unidata User Support are recorded in the 
Unidata inquiry tracking system and then made publicly available through the 
web.  If you do not want to have your interactions made available in this way, 
you must let us know in each email you send to us.

Prev by Date: [THREDDS #OJG-162986]: RE: Potential vulnerability - item #2
Next by Date: [THREDDS #OJG-162986]: RE: Potential vulnerability - item #2
Previous by thread: [THREDDS #OJG-162986]: RE: Potential vulnerability - item #2
Next by thread: [THREDDS #OJG-162986]: RE: Potential vulnerability - item #2
Index(es):
- Date
- Thread