Veracode static analysis results
cwysopal at Veracode.com
Wed Dec 5 16:06:22 EST 2012
Thank you for the response. Some issues are minor and some may not need fixes but I wanted to send everything we found. Totally understand release schedules as we are a software company.
From: Ethan Blanton [mailto:elb at pidgin.im]
Sent: Wednesday, December 05, 2012 4:04 PM
To: Chris Wysopal
Cc: Eion Robb; Richard Laager; security at pidgin.im
Subject: Re: Veracode static analysis results
Chris Wysopal spake unto us the following wisdom:
> Let me try one more time. Should be an attachment.
Yes, thank you. Let us take a look at this and get back with you.
In general, we are very keen to address security issues. Our release schedule and compatability requirements sometimes dictate that changes are not immediate. We will try to get some time frames laid out and you can decide if they meet your needs. This is a large number of issues.
More information about the security