Tripwire Console Orchestrator 5.1.0 - Third Party Libraries

Total Page:16

File Type:pdf, Size:1020Kb

Tripwire Console Orchestrator 5.1.0 - Third Party Libraries Tripwire Console Orchestrator 5.1.0 - Third Party Libraries Name Selected License antlr 2.7.7 (ANTLR 2 Public Domain License) ANTLR Software Rights Notice jdom2 2.0.6 (JDOM License) Apache License 1.1 apache-el 8.0.9.M3 (Apache-2.0) Apache License 2.0 apache-jsp 8.0.9.M3 (Apache-2.0) Apache License 2.0 apache-jsp 9.2.14 (Apache-2.0) Apache License 2.0 atmosphere-runtime 2.4.30.vaadin1 (Apache-2.0) Apache License 2.0 axis 1.4 (Apache 2.0) Apache License 2.0 axis-jaxrpc 1.4 (Apache v2.0) Apache License 2.0 axis-saaj 1.4 (Apache v2.0) Apache License 2.0 buttongroup 2.3 (Apache v2.0) Apache License 2.0 byte-buddy 1.9.5 (Apache-2.0) Apache License 2.0 classmate 1.3.4 (Apache-2.0) Apache License 2.0 commons-beanutils 1.9.3 (Apache-2.0) Apache License 2.0 commons-codec 1.12 (Apache-2.0) Apache License 2.0 commons-collections 20040616 (Apache-2.0) Apache License 2.0 commons-collections4 4.3 (Apache-2.0) Apache License 2.0 commons-compress 1.18 (Apache-2.0) Apache License 2.0 commons-discovery 0.5 (Apache 2.0) Apache License 2.0 commons-id 0.1-dev (Apache v2.0) Apache License 2.0 commons-io 2.6 (Apache-2.0) Apache License 2.0 commons-lang3 3.8.1 (Apache-2.0) Apache License 2.0 commons-logging 1.2 (Apache-2.0) Apache License 2.0 commons-math3 3.6.1 (Apache-2.0) Apache License 2.0 commons-net 3.6.0 (Apache-2.0) Apache License 2.0 commons-text 1.4 (Apache-2.0) Apache License 2.0 cssparser 0.9.24 (Apache-2.0) Apache License 2.0 fastinfoset 1.2.15 (Apache-2.0) Apache License 2.0 gentyref 1.2.0.vaadin1 (Apache 2.0) Apache License 2.0 gson 2.6.2 (Apache-2.0) Apache License 2.0 guava 27.1-jre (Apache-2.0) Apache License 2.0 gwt-dev 2.8.2 (Apache-2) Apache License 2.0 gwt-elemental 2.8.2 (Apache 2.0) Apache License 2.0 htmlunit 2.19 (Apache-2.0) Apache License 2.0 httpasyncclient 4.1.4 (Apache-2.0) Apache License 2.0 httpclient 4.5.7 (Apache-2.0) Apache License 2.0 Tripwire Console Orchestrator 1 License Agreements Name Selected License httpcore 4.4.11 (Apache-2.0) Apache License 2.0 httpcore-nio 4.4.11 (Apache-2.0) Apache License 2.0 httpmime 4.5.7 (Apache-2.0) Apache License 2.0 jackson-annotations 2.9.8 (Apache-2.0) Apache License 2.0 jackson-core 2.9.8 (Apache-2.0) Apache License 2.0 jackson-databind 2.9.8 (Apache-2.0) Apache License 2.0 jandex 2.0.5 (Apache-2.0) Apache License 2.0 jansi 1.17.1 (Apache-2.0) Apache License 2.0 jasypt 1.9.2 (Apache-2.0) Apache License 2.0 javassist 3.24.0-GA (Apache-2.0) Apache License 2.0 jboss-logging 3.3.2 (Apache v2.0) Apache License 2.0 jetty-annotations 9.2.14 (Apache v2.0) Apache License 2.0 jetty-continuation 9.2.14 (Apache-2.0) Apache License 2.0 jetty-http 9.2.14 (Apache-2.0) Apache License 2.0 jetty-io 9.2.14 (Apache-2.0) Apache License 2.0 jetty-jndi 9.2.14 (Apache-2.0) Apache License 2.0 jetty-plus 9.2.14 (Apache-2.0) Apache License 2.0 jetty-security 9.2.14 (Apache-2.0) Apache License 2.0 jetty-server 9.2.14 (Apache-2.0) Apache License 2.0 jetty-servlet 9.2.14 (Apache-2.0) Apache License 2.0 jetty-servlets 9.2.14 (Apache-2.0) Apache License 2.0 jetty-util 9.2.14 (Apache-2.0) Apache License 2.0 jetty-webapp 9.2.14 (Apache-2.0) Apache License 2.0 jetty-xml 9.2.14 (Apache-2.0) Apache License 2.0 jpacontainer 4.0.0 (Apache 2.0) Apache License 2.0 jsinterop-annotations 1.0.2 (Apache 2.0) Apache License 2.0 maven-artifact 3.6.0 (Apache-2.0) Apache License 2.0 nekohtml 1.9.22 (Apache-2.0) Apache License 2.0 opencsv 4.5 (Apache-2.0) Apache License 2.0 plexus-utils 3.1.0 (Apache-2.0) Apache License 2.0 poi/poi-ooxml/poi-ooxml-schemas 4.0.1 (Apache-2.0) Apache License 2.0 serializer 2.7.2 (Apache-2.0) Apache License 2.0 shiro-core 1.3.2 (Apache-2.0) Apache License 2.0 shiro-web 1.3.2 (Apache-2.0) Apache License 2.0 switch 3.0.0 (Apache-2.0) Apache License 2.0 tika-core 1.20 (Apache-2.0) Apache License 2.0 vaadin-client 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-client-compiler 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-compatibility-client 8.7.0 (Apache-2.0) Apache License 2.0 Tripwire Console Orchestrator 2 License Agreements Name Selected License vaadin-compatibility-client-compiled 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-compatibility-server 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-compatibility-shared 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-compatibility-themes 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-icons 3.0.2 (Apache-2.0) Apache License 2.0 vaadin-push 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-sass-compiler 0.9.13 (Apache-2.0) Apache License 2.0 vaadin-server 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-shared 8.7.0 (Apache-2.0) Apache License 2.0 vaadin-themes 8.7.0 (Apache-2.0) Apache License 2.0 validation-api 1.0.0 (Apache-2.0) Apache License 2.0 validation-api 2.0.1.Final (Apache-2.0) Apache License 2.0 vt-password 3.1.2 (Apache 2.0) Apache License 2.0 websocket-api 9.2.13 (Apache-2.0) Apache License 2.0 wizards-for-vaadin 2.0.1 (Apache v2.0) Apache License 2.0 xalan 2.7.2 (Apache-2.0) Apache License 2.0 xercesImpl 2.11.0 (Apache 2.0) Apache License 2.0 xml-apis 1.4.01 (Apache-2.0) Apache License 2.0 xmlbeans 3.0.2 (Apache 2.0) Apache License 2.0 jaxen 1.1.6 (BSD-3) BSD 3-clause "New" or "Revised" License asm 5.0.3 (BSD) BSD Style/Attribution asm-commons 5.0.3 (BSD) BSD-Style License asm-tree 5.0.3 (BSD) BSD-Style License asm-util 5.0.3 (BSD) BSD-Style License curvesapi 1.05 (BSD) BSD-Style License yuicompressor 2.4.8 (BSD) BSD-Style License colt 1.2.0 (COLT License) Colt License Agreement jboss-transaction-api_1.2_spec 1.1.1.Final (CDDL v1.0) Common Development and Distribution License jetty-schemas 3.1.M0 (CDDL 1.0) Common Development and Distribution License jsr311-api 1.1.1 (CDDL 1.0) Common Development and Distribution License javax.annotation-api 1.3.2 (CDDL-1.0) Common Development and Distribution License 1.0 istack-commons-runtime 3.0.7 (CDDL 1.1) Common Development and Distribution License 1.1 javax.activation-api 1.2.0 (CDDL 1.1) Common Development and Distribution License 1.1 Tripwire Console Orchestrator 3 License Agreements Name Selected License javax.mail 1.5.6 (CDDL v1.1) Common Development and Distribution License 1.1 jaxb-api 2.4.0-b180830.0359 (CDDL 1.1) Common Development and Distribution License 1.1 jaxb-runtime 2.3.1 (CDDL v1.1) Common Development and Distribution License 1.1 stax-ex 1.8 (CDDL v1.1) Common Development and Distribution License 1.1 txw2 2.3.1 [bundled with jaxb-runtime 2.3.1] (CDDL v1.1) Common Development and Distribution License 1.1 axis-wsdl4j 1.5.1 (CPL 1.0) Common Public License wsdl4J 1.6.3 (CPL 1.0) Common Public License Code based on stack_overflow article 4987327 "How do I Creative Commons Attribution Share check if a string is unicode or ascii?" (CC-by-SA 3.0) Alike 3.0 c3p0 0.9.5.2 (EPL-1.0) Eclipse Public License 1.0 javax.persistence-api 2.2 (EPL-1.0) Eclipse Public License 1.0 logback-classic 1.2.3 (EPL-1.0) Eclipse Public License 1.0 logback-core 1.2.3 (EPL-1.0) Eclipse Public License 1.0 mchange-commons-java 0.2.11 (EPL v1.0) Eclipse Public License 1.0 jakarta.persistence-api 2.2.1 (EPL-2.0) Eclipse Public License 2.0 hibernate-commons-annotations 5.1.0 (LGPL-2.1) GNU Lesser General Public License v2.1 unboundid-ldapsdk 4.0.10 (LGPL-2.1) GNU Lesser General Public License v2.1 hibernate-core 5.4.1.Final (LGPL v2.1) GNU Lesser General Public License v2.1 or later redstone 1.1.1 (LGPL-2.1) GNU Lesser General Public License v2.1 or later icu4j 50.1.1 (ICU License) ICU License bc-fips 3.0.1 (Legion Of The Bouncy Castle License) Legion Of The Bouncy Castle License bcpkix-jdk15on 1.53 (Legion Of The Bouncy Castle License) Legion Of The Bouncy Castle License jsoup 1.11.2 (MIT) MIT License (also X11) jsoup 1.11.3 (MIT) MIT License (also X11) slf4j-api 1.7.25 (MIT) MIT License (also X11) slf4j-simple 1.7.5 (MIT) MIT License (also X11) vaadin-chartjs 1.4.0 (MIT) MIT License (also X11) vaadin-slf4j-jdk14 1.6.1 (MIT) MIT License (also X11) jsonrpc4j 1.5.3 (MIT) MIT-Style License Tripwire Console Orchestrator 4 License Agreements Name Selected License unirest-java 2.2.04 (MIT) MIT-Style License h2 1.4.199 (MPL 2.0) Mozilla Public License 2.0 htmlunit-core-js 2.17 (MPL-2.0) Mozilla Public License 2.0 js 1.7R2 (MPL-1.1) Mozilla Public License 2.0 gwt-user 2.8.2 (Apache-2.0) None Selected hibernate-c3p0 5.4.1.Final (LGPL v2.1) None Selected hibernate-jpa-2.1-api 1.0.2 (EPL-1.0) None Selected tapestry 4.0.2 (Apache-2) None Selected websocket-client 9.2.13 (Apache-2.0) None Selected websocket-common 9.2.13 (Apache-2.0) None Selected base64 2.3.9 (Public Domain) Public Domain json 20180130 (The JSON License) The JSON License flute 1.3.0.gg2 (W3C Software Copyright Notice and W3C Software Notice and License (1998- License) 07-20) sac 1.3 (W3C License) W3C Software Notice and License (1998- 07-20) dom4j 2.1.1 (DOM4J License) dom4j License Tripwire Console Orchestrator 5.1.0 - Third-Party Notices [antlr 2.7.7 (ANTLR 2 Public Domain License)] Copyright Statements ANTLR 1989-2006 Developed by Terence Parr Partially supported by University of San Francisco & jGuru.com License Text (http://spdx.org/licenses/ANTLR-PD) ANTLR SOFTWARE RIGHTS ANTLR 1989-2006 Developed by Terence Parr Partially supported by University of San Francisco & jGuru.com We reserve no legal rights to the ANTLR--it is fully in the public domain.
Recommended publications
  • Commonjavajars - a Package with Useful Libraries for Java Guis
    CommonJavaJars - A package with useful libraries for Java GUIs To reduce the package size of other R packages with Java GUIs and to reduce jar file conflicts, this package provides a few commonly used Java libraries. You should be able to load them by calling the rJava .jpackage function (a good place is most likely the .onLoad function of your package): .jpackage("CommonJavaJars", jars=c("forms-1.2.0.jar", "iText-2.1.4.jar")) We provide the following Java libraries: Apache Commons Logging under the Apache License, Version 2.0, January 2004, http://commons. apache.org/logging/, Copyright 2001-2007 The Apache Software Foundation Apache jog4j under Apache License 2.0, http://logging.apache.org/log4j/, Copyright 2007 The Apache Software Foundation Apache Commons Lang under Apache License 2.0, http://commons.apache.org/lang/, Copyright 2001-2011 The Apache Software Foundation Apache POI under Apache License 2.0, http://poi.apache.org/, Copyright 2001-2007 The Apache Software Foundation Apache Commons Collections under the Apache License, Version 2.0, January 2004, http://commons. apache.org/collections/, Copyright 2001-2008 The Apache Software Foundation Apache Commons Validator under the Apache License, Version 2.0, January 2004, http://commons. apache.org/validator/, Copyright 2001-2010 The Apache Software Foundation JLaTeXMath under GPL >= 2.0, http://forge.scilab.org/index.php/p/jlatexmath/, Copyright 2004-2007, 2009 Calixte, Coolsaet, Cleemput, Vermeulen and Universiteit Gent iText 2.1.4 under LGPL, http://itextpdf.com/, Copyright
    [Show full text]
  • Webroot Brightcloud® SDK for C and C++ Sdks Apache License 2.0
    Webroot BrightCloud® SDK For C and C++ SDKs Apache License 2.0 • Apache Portable Runtime Utilities (APR-util) Copyright © 2008-2018, The Apache Software Foundation • Apache Portable Runtime Utilities 1.2.12 (APR-util) Copyright © 2008-2018, The Apache Software Foundation • X Delta 3.0.3 Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 [email protected] Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. “License” shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. “Licensor” shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. “Legal Entity” shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, “control” means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. “You” (or “Your”) shall mean an individual or Legal Entity exercising permissions granted by this License. “Source” form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. “Object” form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
    [Show full text]
  • Merchandise Planning and Optimization Licensing Information
    Oracle® Retail Merchandise Planning and Optimization Licensing Information July 2009 This document provides licensing information for all the third-party applications used by the following Oracle Retail applications: ■ Oracle Retail Clearance Optimization Engine ■ Oracle Retail Markdown Optimization ■ Oracle Retail Place ■ Oracle Retail Plan ■ Oracle Retail Promote (PPO and PI) Prerequisite Softwares and Licenses Oracle Retail products depend on the installation of certain essential products (with commercial licenses), but the company does not bundle these third-party products within its own installation media. Acquisition of licenses for these products should be handled directly with the vendor. The following products are not distributed along with the Oracle Retail product installation media: ® ■ BEA WebLogic Server (http://www.bea.com) ™ ■ MicroStrategy Desktop (http://www.microstrategy.com) ■ MicroStrategy Intelligence Server™ and Web Universal (http://www.microstrategy.com) ® ■ Oracle Database 10g (http://www.oracle.com) ® ■ Oracle Application Server 10g (http://www.oracle.com) ® ■ Oracle Business Intelligence Suite Enterprise Edition Version 10 (http://www.oracle.com) ■ rsync (http://samba.anu.edu.au/rsync/). See rsync License. 1 Softwares and Licenses Bundled with Oracle Retail Products The following third party products are bundled along with the Oracle Retail product code and Oracle has acquired the necessary licenses to bundle the software along with the Oracle Retail product: ■ addObject.com NLSTree Professional version 2.3
    [Show full text]
  • The Pentaho Big Data Guide This Document Supports Pentaho Business Analytics Suite 4.8 GA and Pentaho Data Integration 4.4 GA, Documentation Revision October 31, 2012
    The Pentaho Big Data Guide This document supports Pentaho Business Analytics Suite 4.8 GA and Pentaho Data Integration 4.4 GA, documentation revision October 31, 2012. This document is copyright © 2012 Pentaho Corporation. No part may be reprinted without written permission from Pentaho Corporation. All trademarks are the property of their respective owners. Help and Support Resources If you have questions that are not covered in this guide, or if you would like to report errors in the documentation, please contact your Pentaho technical support representative. Support-related questions should be submitted through the Pentaho Customer Support Portal at http://support.pentaho.com. For information about how to purchase support or enable an additional named support contact, please contact your sales representative, or send an email to [email protected]. For information about instructor-led training on the topics covered in this guide, visit http://www.pentaho.com/training. Limits of Liability and Disclaimer of Warranty The author(s) of this document have used their best efforts in preparing the content and the programs contained in it. These efforts include the development, research, and testing of the theories and programs to determine their effectiveness. The author and publisher make no warranty of any kind, express or implied, with regard to these programs or the documentation contained in this book. The author(s) and Pentaho shall not be liable in the event of incidental or consequential damages in connection with, or arising out of, the furnishing, performance, or use of the programs, associated instructions, and/or claims. Trademarks Pentaho (TM) and the Pentaho logo are registered trademarks of Pentaho Corporation.
    [Show full text]
  • Coldfusion Server and Performance Management Suite 2018
    ColdFusion Server and Performance Management Suite 2018 Third Party Software Notices and/or Additional Terms and Conditions Date Generated: 2018/09/10 LibJPEG ID: 54 Thomas G. Lane This software is based in part on the work of the Independent JPEG Group. _________________________________________________________________________________________________________ Adobe modified Zlib ID: 823 Jean-loup Gailly and Mark Adler Portions include technology used under license from Jean-loup Gailly and Mark Adler, and are copyrighted. _________________________________________________________________________________________________________ Apache Commons Collections ID: 306 Apache Foundation and Contributors This product includes software licensed under the Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0 _________________________________________________________________________________________________________ Apache Commons Collections ID: 1132 The Apache Software Foundation The Apache Software License, Version 1.1 Copyright (c) 1999-2001, 1999-2003 The Apache Software Foundation. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other
    [Show full text]
  • Modern Web Application Frameworks
    MASARYKOVA UNIVERZITA FAKULTA INFORMATIKY Û¡¢£¤¥¦§¨ª«¬­Æ°±²³´µ·¸¹º»¼½¾¿Ý Modern Web Application Frameworks MASTER’S THESIS Bc. Jan Pater Brno, autumn 2015 Declaration Hereby I declare, that this paper is my original authorial work, which I have worked out by my own. All sources, references and literature used or ex- cerpted during elaboration of this work are properly cited and listed in complete reference to the due source. Bc. Jan Pater Advisor: doc. RNDr. Petr Sojka, Ph.D. i Abstract The aim of this paper was the analysis of major web application frameworks and the design and implementation of applications for website content ma- nagement of Laboratory of Multimedia Electronic Applications and Film festival organized by Faculty of Informatics. The paper introduces readers into web application development problematic and focuses on characte- ristics and specifics of ten selected modern web application frameworks, which were described and compared on the basis of relevant criteria. Practi- cal part of the paper includes the selection of a suitable framework for im- plementation of both applications and describes their design, development process and deployment within the laboratory. ii Keywords Web application, Framework, PHP,Java, Ruby, Python, Laravel, Nette, Phal- con, Rails, Padrino, Django, Flask, Grails, Vaadin, Play, LEMMA, Film fes- tival iii Acknowledgement I would like to show my gratitude to my supervisor doc. RNDr. Petr So- jka, Ph.D. for his advice and comments on this thesis as well as to RNDr. Lukáš Hejtmánek, Ph.D. for his assistance with application deployment and server setup. Many thanks also go to OndˇrejTom for his valuable help and advice during application development.
    [Show full text]
  • Alfresco ACSCE-5X Exam
    Alfresco ACSCE-5X Exam Volume: 60 Questions Question: 1 What is the class.org.alfresco.model.ContentModel used for? A. Transforming document content into a different format. B. Validating the content of the document follows a certain template. C. Referencing out of the box content model types in your code. D. Trigger automatic metadata extraction from the content. E. Moving content in the repository between folders. Answer: C Question: 2 When would you consider developing your custom server code in Java in place of JavaScript? (Choose three.) A. When a web script needs to be executed inside a transaction. B. When I need to execute part of my code as system user. C. When developing a custom scheduled process. D. When developing a content rule. E. When developing a behavior/policy. Answer: B,C,D Question: 3 Which file is required in order for an AMP file to be valid? A. module.properties B. service-context.xml Leading the way in IT testing and certification tools, www.examkiller.net Alfresco ACSCE-5X Exam C. file-mapping.properties D. web.xml Answer: A Question: 4 An Alfresco Webscript is called via a POST request to the URL /example/mycontent/item1, relative to the Alfresco Content Services REST API base URL. Based on RESTful principles and standards, what will be the result of this call? A. The existing resource ‘item1’ is updated. B. The existing resource ‘item1’ is updated. C. The content of the resource ‘item1’ is returned to the user. D. A new resource ‘item1’ is added. Answer: D Question: 5 How can we modify what data is shown in each row of the Alfresco Share document library, using the supported extension points? A.
    [Show full text]
  • Open Source Used in Cisco Unity Connection 11.5 SU 1
    Open Source Used In Cisco Unity Connection 11.5 SU 1 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: 78EE117C99-132949842 Open Source Used In Cisco Unity Connection 11.5 SU 1 1 This document contains licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of any source code to which you may be entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License), please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-132949842 Contents 1.1 ace 5.3.5 1.1.1 Available under license 1.2 Apache Commons Beanutils 1.6 1.2.1 Notifications 1.2.2 Available under license 1.3 Apache Derby 10.8.1.2 1.3.1 Available under license 1.4 Apache Mina 2.0.0-RC1 1.4.1 Available under license 1.5 Apache Standards Taglibs 1.1.2 1.5.1 Available under license 1.6 Apache STRUTS 1.2.4. 1.6.1 Available under license 1.7 Apache Struts 1.2.9 1.7.1 Available under license 1.8 Apache Xerces 2.6.2. 1.8.1 Notifications 1.8.2 Available under license 1.9 axis2 1.3 1.9.1 Available under license 1.10 axis2/cddl 1.3 1.10.1 Available under license 1.11 axis2/cpl 1.3 1.11.1 Available under license 1.12 BeanUtils(duplicate) 1.6.1 1.12.1 Notifications Open Source Used In Cisco Unity Connection
    [Show full text]
  • Tracking Known Security Vulnerabilities in Third-Party Components
    Tracking known security vulnerabilities in third-party components Master’s Thesis Mircea Cadariu Tracking known security vulnerabilities in third-party components THESIS submitted in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE in COMPUTER SCIENCE by Mircea Cadariu born in Brasov, Romania Software Engineering Research Group Software Improvement Group Department of Software Technology Rembrandt Tower, 15th floor Faculty EEMCS, Delft University of Technology Amstelplein 1 - 1096HA Delft, the Netherlands Amsterdam, the Netherlands www.ewi.tudelft.nl www.sig.eu c 2014 Mircea Cadariu. All rights reserved. Tracking known security vulnerabilities in third-party components Author: Mircea Cadariu Student id: 4252373 Email: [email protected] Abstract Known security vulnerabilities are introduced in software systems as a result of de- pending on third-party components. These documented software weaknesses are hiding in plain sight and represent the lowest hanging fruit for attackers. Despite the risk they introduce for software systems, it has been shown that developers consistently download vulnerable components from public repositories. We show that these downloads indeed find their way in many industrial and open-source software systems. In order to improve the status quo, we introduce the Vulnerability Alert Service, a tool-based process to track known vulnerabilities in software projects throughout the development process. Its usefulness has been empirically validated in the context of the external software product quality monitoring service offered by the Software Improvement Group, a software consultancy company based in Amsterdam, the Netherlands. Thesis Committee: Chair: Prof. Dr. A. van Deursen, Faculty EEMCS, TU Delft University supervisor: Prof. Dr. A.
    [Show full text]
  • Unravel Data Systems Version 4.5
    UNRAVEL DATA SYSTEMS VERSION 4.5 Component name Component version name License names jQuery 1.8.2 MIT License Apache Tomcat 5.5.23 Apache License 2.0 Tachyon Project POM 0.8.2 Apache License 2.0 Apache Directory LDAP API Model 1.0.0-M20 Apache License 2.0 apache/incubator-heron 0.16.5.1 Apache License 2.0 Maven Plugin API 3.0.4 Apache License 2.0 ApacheDS Authentication Interceptor 2.0.0-M15 Apache License 2.0 Apache Directory LDAP API Extras ACI 1.0.0-M20 Apache License 2.0 Apache HttpComponents Core 4.3.3 Apache License 2.0 Spark Project Tags 2.0.0-preview Apache License 2.0 Curator Testing 3.3.0 Apache License 2.0 Apache HttpComponents Core 4.4.5 Apache License 2.0 Apache Commons Daemon 1.0.15 Apache License 2.0 classworlds 2.4 Apache License 2.0 abego TreeLayout Core 1.0.1 BSD 3-clause "New" or "Revised" License jackson-core 2.8.6 Apache License 2.0 Lucene Join 6.6.1 Apache License 2.0 Apache Commons CLI 1.3-cloudera-pre-r1439998 Apache License 2.0 hive-apache 0.5 Apache License 2.0 scala-parser-combinators 1.0.4 BSD 3-clause "New" or "Revised" License com.springsource.javax.xml.bind 2.1.7 Common Development and Distribution License 1.0 SnakeYAML 1.15 Apache License 2.0 JUnit 4.12 Common Public License 1.0 ApacheDS Protocol Kerberos 2.0.0-M12 Apache License 2.0 Apache Groovy 2.4.6 Apache License 2.0 JGraphT - Core 1.2.0 (GNU Lesser General Public License v2.1 or later AND Eclipse Public License 1.0) chill-java 0.5.0 Apache License 2.0 Apache Commons Logging 1.2 Apache License 2.0 OpenCensus 0.12.3 Apache License 2.0 ApacheDS Protocol
    [Show full text]
  • Cross-Domain Embedding for Vaadin Applications
    Cross-Domain Embedding for Vaadin Applications Janne Lautamäki and Tommi Mikkonen Department of Software Systems, Tampere University of Technology, Korkeakoulunkatu 1, FI-33720 Tampere, Finland {janne.lautamaki,tommi.mikkonen}@tut.fi Abstract. Although the design goals of the browser were originally not at running applications or at displaying a number of small widgets on a single web page, today many web pages considerably benefit from being able to host small embedded applications as components. While the web is full such applications, they cannot be easily reused because of the same origin policy restrictions that were introduced to protect web content from potentially malicious use. In this paper, we describe a generic design for cross domain embedding of web applications in a fashion that enables loading of applications from different domains as well as communication between the client and server. As the proof- of-concept implementation environment, we use web development framework Vaadin, a Google Web Toolkit based system that uses Java for application development. Keywords: Vaadin, JSONP, cross-domain applications. 1 Introduction Web applications – systems that resemble desktop applications in their behavior but are run inside the browser – are becoming increasingly common. The current trend is that web pages have dynamic components side by side with the traditional web content, such as static text and images. These dynamic components can be small widgets that for instance display current weather information or stock exchange data, or even full-fledged web applications that offer a service related to the theme of the web page where they are located [1]. Creating dynamic web pages is much more complex than building plain old web pages.
    [Show full text]
  • The Dzone Guide to Volume Ii
    THE D ZONE GUIDE TO MODERN JAVA VOLUME II BROUGHT TO YOU IN PARTNERSHIP WITH DZONE.COM/GUIDES DZONE’S 2016 GUIDE TO MODERN JAVA Dear Reader, TABLE OF CONTENTS 3 EXECUTIVE SUMMARY Why isn’t Java dead after more than two decades? A few guesses: Java is (still) uniquely portable, readable to 4 KEY RESEARCH FINDINGS fresh eyes, constantly improving its automatic memory management, provides good full-stack support for high- 10 THE JAVA 8 API DESIGN PRINCIPLES load web services, and enjoys a diverse and enthusiastic BY PER MINBORG community, mature toolchain, and vigorous dependency 13 PROJECT JIGSAW IS COMING ecosystem. BY NICOLAI PARLOG Java is growing with us, and we’re growing with Java. Java 18 REACTIVE MICROSERVICES: DRIVING APPLICATION 8 just expanded our programming paradigm horizons (add MODERNIZATION EFFORTS Church and Curry to Kay and Gosling) and we’re still learning BY MARKUS EISELE how to mix functional and object-oriented code. Early next 21 CHECKLIST: 7 HABITS OF SUPER PRODUCTIVE JAVA DEVELOPERS year Java 9 will add a wealth of bigger-picture upgrades. 22 THE ELEMENTS OF MODERN JAVA STYLE But Java remains vibrant for many more reasons than the BY MICHAEL TOFINETTI robustness of the language and the comprehensiveness of the platform. JVM languages keep multiplying (Kotlin went 28 12 FACTORS AND BEYOND IN JAVA GA this year!), Android keeps increasing market share, and BY PIETER HUMPHREY AND MARK HECKLER demand for Java developers (measuring by both new job 31 DIVING DEEPER INTO JAVA DEVELOPMENT posting frequency and average salary) remains high. The key to the modernization of Java is not a laundry-list of JSRs, but 34 INFOGRAPHIC: JAVA'S IMPACT ON THE MODERN WORLD rather the energy of the Java developer community at large.
    [Show full text]