Veracode static analysis results

Chris Wysopal cwysopal at
Wed Dec 5 16:06:22 EST 2012


Thank you for the response. Some issues are minor and some may not need fixes but I wanted to send everything we found.  Totally understand release schedules as we are a software company.


-----Original Message-----
From: Ethan Blanton [mailto:elb at] 
Sent: Wednesday, December 05, 2012 4:04 PM
To: Chris Wysopal
Cc: Eion Robb; Richard Laager; security at
Subject: Re: Veracode static analysis results

Chris Wysopal spake unto us the following wisdom:
> Let me try one more time. Should be an attachment.

Yes, thank you.  Let us take a look at this and get back with you.

In general, we are very keen to address security issues.  Our release schedule and compatability requirements sometimes dictate that changes are not immediate.  We will try to get some time frames laid out and you can decide if they meet your needs.  This is a large number of issues.


More information about the security mailing list