<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>JavaSceneAuthoringInterfaceLibrary (not X3DJSAIL) repository has
been updated to log4j-2.16.0. I am aware that there are build
errors, but unless someone steps forward and says they are using
it, I will not make an effort to patch (nagasena.jar not in
standard maven repositories).</p>
<p>John<br>
</p>
<div class="moz-cite-prefix">On 12/10/21 13:51, Brutzman, Donald
(Don) (CIV) wrote:<br>
</div>
<blockquote type="cite"
cite="mid:BY3PR13MB48840A13BE43C79F1369E10AC4719@BY3PR13MB4884.namprd13.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}span.EmailStyle21
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}div.WordSection1
{page:WordSection1;}ol
{margin-bottom:0in;}ul
{margin-bottom:0in;}</style>
<div class="WordSection1">
<p class="MsoNormal">Not in use by X3DJSAIL, which is
standalone. Your code, your call.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks for sensitivity to security, agreed
important, we try to be very explicit about X3D Security and
known vulnerabilities.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph"
style="margin-left:0in;mso-list:l0 level1 lfo1">X3D
Resources: Security, Vulnerabilities<o:p></o:p></li>
<li class="MsoListParagraph"
style="margin-left:0in;mso-list:l0 level1 lfo1"><a class="moz-txt-link-freetext" href="https://www.web3d.org/x3d/content/examples/X3dResources.html#Vulnerabilities">https://www.web3d.org/x3d/content/examples/X3dResources.html#Vulnerabilities</a><o:p></o:p></li>
</ul>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Courier New""><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Courier New"">all
the best, Don<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Courier New"">--
<o:p>
</o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Courier New"">Don
Brutzman Naval Postgraduate School, Code USW/Br
<a class="moz-txt-link-abbreviated" href="mailto:brutzman@nps.edu">brutzman@nps.edu</a><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Courier New"">Watkins
270, MOVES Institute, Monterey CA 93943-5000 USA
+1.831.656.2149<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Courier New"">X3D
graphics, virtual worlds, navy robotics https://</span>
<span style="font-size:10.0pt;font-family:"Courier
New"">faculty.nps.edu/brutzman<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> x3d-public
<a class="moz-txt-link-rfc2396E" href="mailto:x3d-public-bounces@web3d.org"><x3d-public-bounces@web3d.org></a> <b>On Behalf Of
</b>John Carlson<br>
<b>Sent:</b> Thursday, December 9, 2021 5:39 PM<br>
<b>To:</b> X3D Graphics public mailing list
<a class="moz-txt-link-rfc2396E" href="mailto:x3d-public@web3d.org"><x3d-public@web3d.org></a><br>
<b>Subject:</b> [x3d-public]
<a class="moz-txt-link-freetext" href="https://github.com/coderextreme/JavaSceneAuthoringInterfaceLibrary">https://github.com/coderextreme/JavaSceneAuthoringInterfaceLibrary</a><o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Multiple security vulnerabilities have
showed up by way of GitHub dependabot in repository<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><a
href="https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcoderextreme%2FJavaSceneAuthoringInterfaceLibrary&data=04%7C01%7Cbrutzman%40nps.edu%7C80263a38dece4ac754bb08d9bb7de7cd%7C6d936231a51740ea9199f7578963378e%7C0%7C0%7C637746972160889140%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=tWvbUgg5vkLDfMQ9oe5iLYEtFt8KNDr1%2FzEBkBBx1FQ%3D&reserved=0"
moz-do-not-send="true">https://github.com/coderextreme/JavaSceneAuthoringInterfaceLibrary</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I hope this isn’t currently used. I
will try to make patches, but this repository is really
out of date, and worthy of deletion.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I’m guessing everyone is scrambling
about now.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Your thoughts?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">John<o:p></o:p></p>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</blockquote>
</body>
</html>