My first post about this open source OWASP project covered an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release, which came out yesterday: OWASP Dependency-Check 2.1.1! This release contains a few known threading issues that can affect the Jenkins implementation; they have not been fixed in this release and are planned for the next release.
In addition to general bug fixes and false positive reductions the following enhancements were made:
Interestingly, a persistent cross-site scripting vulnerability in the OWASP Dependency-Check Jenkins plugin, aka CVE-2017-1000109, was also fixed with this release.
Download OWASP Dependency-Check 2.1.1 (DependencyCheck-2.1.1.zip) and other related plugins here.
The post UPDATE: OWASP Dependency-Check 2.1.1! appeared first on PenTestIT.