cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vincent Neyt <vincent.n...@gmail.com>
Subject using cocoon 2.1 in the long-term, security concerns
Date Mon, 19 Jul 2021 12:03:14 GMT
Hi Cocoon users,

I'd like to ask your opinion on the long-term security risks of running
Cocoon on a server. The colleague responsible for the servers at my
university is inquiring if the software I'm using for my website is up to
date and is concerned that I'm using outdated software that could in the
future pose a security risk.

I'm using cocoon 2.1.11, which I could probably upgrade to 2.1.13 without
many problems. But I'm concerned about the long-term, and wondering if it
would perhaps be better to reprogram the website I've been working on for
10 years into eXist DB (which would be a huge time investment). I like
cocoon very much and would love to continue using it if it's possible.

I'm curious to hear your thoughts about using Cocoon 2.1 for the long term:
will it still work well inside future versions of servlet containers like
Tomcat? What about the java dependencies? And will cocoon 2.1 continue to
put out updates when security risks are identified?

thanks very much,
Vincent

Mime
View raw message