https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228710#M181840 <HTML><HEAD></HEAD><BODY><SPAN>Hi Brendan,</SPAN><BR /><BR /><SPAN>Thanks for letting us know.&nbsp; I can only assume that someone assumed that as Activiti Explorer is not supported in the Enterprise version, that this would be dealt with through Community channels.&nbsp; I will investigate to understand where the lapse came, as the Activiti team are very committed to the Activiti Community and would not want to expose anyone to security risks.</SPAN><BR /><BR /><SPAN>Best regards</SPAN><BR /><SPAN>Paul.</SPAN></BODY></HTML> Tue, 31 May 2016 09:41:02 GMT paulhh1 2016-05-31T09:41:02Z https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228707#M181837 Hi AllOne of my colleagues recently discovered two security vulnerabilities in Activiti, but was unable to get a response from Alfreso and posted details on the oss-security list:http://www.openwall.com/lists/oss-security/2016/04/29/2I am making this post in the hope that someone in the development Wed, 18 May 2016 01:31:53 GMT https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228707#M181837 dfj 2016-05-18T01:31:53Z https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228708#M181838 <HTML><HEAD></HEAD><BODY><SPAN>Hi David, who did you contact on the Alfresco side? I haven't seen anything coming in …</SPAN><BR /></BODY></HTML> Thu, 19 May 2016 10:02:20 GMT https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228708#M181838 jbarrez 2016-05-19T10:02:20Z https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228709#M181839 <HTML><HEAD></HEAD><BODY><SPAN>Hey there,</SPAN><BR /><BR /><SPAN>I made several attempts using the Alfrecso contact form reaching out for someone to contact me privately so I could forward on the security details. I received a number of confirmation emails, but nobody ever responded to the emails.</SPAN><BR /><BR /><SPAN>Thanks,</SPAN><BR /><BR /><SPAN>Brendan</SPAN></BODY></HTML> Thu, 19 May 2016 23:26:44 GMT https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228709#M181839 bscarvell 2016-05-19T23:26:44Z https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228710#M181840 <HTML><HEAD></HEAD><BODY><SPAN>Hi Brendan,</SPAN><BR /><BR /><SPAN>Thanks for letting us know.&nbsp; I can only assume that someone assumed that as Activiti Explorer is not supported in the Enterprise version, that this would be dealt with through Community channels.&nbsp; I will investigate to understand where the lapse came, as the Activiti team are very committed to the Activiti Community and would not want to expose anyone to security risks.</SPAN><BR /><BR /><SPAN>Best regards</SPAN><BR /><SPAN>Paul.</SPAN></BODY></HTML> Tue, 31 May 2016 09:41:02 GMT https://connect.hyland.com/t5/alfresco-archive/unpatched-security-vulnerabilities-in-activiti/m-p/228710#M181840 paulhh1 2016-05-31T09:41:02Z