[Cubicweb] Fortify Open Review Project - Cubicweb 3.20.6

Fortify Open Review Project fortify-open-review at hp.com
Tue May 26 20:11:14 CEST 2015

Dear Project Manager,

History of Fortify Open Source Review

Since 2001, HP Fortify, the leader in application security testing, has dedicated our market leading Source Code Analyzer (SCA) solution to the advancement and security of Open Source security projects.  Today, as HP Fortify continues its journey, the HP Fortify Open Review team is providing open source project owners a no-cost assessment.  Contributors are provided every opportunity to not only provide the community with great software, but secure software.

Open Source Project / Application Name and release version:  Cubicweb 3.20.6

The HP Fortify Open Review team has assessed Cubicweb 3.20.6 for possible security vulnerabilities and the results of your assessment is attached.  It is HP's policy to make all results public on our Fortify on Demand website within 60 days from the date of this notification. Based on the findings, we would encourage your team to remediate any of the security vulnerabilities in this report or challenge any finding as a "false positive" by contacting our team with an explanation of why you believe the finding to be false.

To contact to a member of our team, please email us at Fortify-Open-Review at hp.com<mailto:Fortify-Open-Review at hp.com>.

Additional information about Hewlett-Packard's Fortify Open Review program is available here:


What is Fortify on Demand?

HP Fortify on Demand is a managed application security testing service that makes it simple to  initiate security tests on a few applications or launch a comprehensive security program without  upfront investment of technology  and resources. Combining advanced dynamic and static  testing technologies (HP Fortify) with HP's experience in evaluating software security, Fortify on  Demand brings professional-level software security expertise to organizations of any size.


The Fortify on Demand Team

(c) 2015 Hewlett-Packard Development Company, L.P.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20150526/5c6f6a2f/attachment-0185.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Cubicweb 3206.pdf
Type: application/pdf
Size: 357365 bytes
Desc: Cubicweb 3206.pdf
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20150526/5c6f6a2f/attachment-0272.pdf>

More information about the Cubicweb mailing list