Summary: | Should we enable gzip compression on the HTTP server instances? | ||
---|---|---|---|
Product: | [IoT] Kapua | Reporter: | Claudio Mezzasalma <claudio.mezzasalma> |
Component: | General | Assignee: | Project inbox <kapua-inbox> |
Status: | NEW --- | QA Contact: | |
Severity: | normal | ||
Priority: | P3 | CC: | alberto.codutti, contact, wayne.beaton |
Version: | unspecified | Keywords: | security |
Target Milestone: | --- | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: |
Description
Claudio Mezzasalma
2017-03-14 05:48:36 EDT
Any progress? FYI, advice regarding how to handle vulnerabilities is provided by the handbook. https://www.eclipse.org/projects/handbook/#vulnerability Can we please get a response from the project team? Hi Wayne, at the end we decided to not enable it for now since we didn't found any quick, easy and final solution. The issue was discovered and fixed[1] when the project was on incubation and the first release was not yet done, so we didn't see the need of opening a CVE and follow the procedures defined by the handbook[2]. If that is fine, we can close this issue. Regards, - Alberto [1] https://github.com/eclipse/kapua/commit/023a0ba18e20a27878eff9648429957ed1b9d72d [2] https://www.eclipse.org/projects/handbook/#vulnerability |