[Fortify Open Review Project] Fortify Open Review Project - Freeplane 1.3.15


Felix Natter
Administrator
hello Freeplane devs,

I received this mail from HP (why me?). I think there are some things we
should consider.

Best Regards,
Felix


Dear Project Manager,

History of Fortify Open Source Review

Since 2001, HP Fortify, the leader in application security testing, has dedicated our market leading Source Code Analyzer (SCA) solution to the advancement and security of Open Source security projects. Today, as HP Fortify continues its journey, the HP Fortify Open Review team is providing open source project owners a no-cost assessment. Contributors are provided every opportunity to not only provide the community with great software, but secure software.

 

 

Open Source Project / Application Name and release version: Freeplane 1.3.15

The HP Fortify Open Review team has assessed Freeplane 1.3.15 for possible security vulnerabilities and the results of your assessment are attached. It is HP’s policy to make all results public on our Fortify on Demand website within 60 days from the date of this notification. Based on the findings, we would encourage your team to remediate any of the security vulnerabilities in this report or challenge any finding as a “false positive” by contacting our team with an explanation of why you believe the finding to be false.

 

To contact a member of our team, please email us at [hidden email].

Additional information about Hewlett-Packard’s Fortify Open Review program is available here:

https://hpfod.com/open-source-review-project

 

 

 

What is Fortify on Demand?

HP Fortify on Demand is a managed application security testing service that makes it simple to initiate security tests on a few applications or launch a comprehensive security program without upfront investment of technology and resources. Combining advanced dynamic and static testing technologies (HP Fortify) with HP’s experience in evaluating software security, Fortify on Demand brings professional-level software security expertise to organizations of any size.

 

Regards,

The Fortify on Demand Team

© 2015 Hewlett-Packard Development Company, L.P.

--
Felix Natter

Attachment: Fortify Open Review_ Freeplane 1315.pdf (697K)