OWASPBWA Project Update - May 2015
116 views
Skip to first unread message
Chuck Willis
May 19, 2015, 10:40:04 PM5/19/15
to owaspbwa
Hello all,
I know that it has been a while since I have put out a release to the OWASPBWA VM, so I wanted to provide an update on what is happening behind the scenes currently and what I have planned going forward. I am currently working on version 1.2 of the VM that I hope to have out in June. There are no major changes in the works for this version, it's mostly an update to the various applications that are included on the VM. If anyone has bugs that they would like to see fixed in version 1.2, please let me know right away.
After 1.2 is out, I plan to start work on the next VM that I am tentatively calling version 1.5. The major change in that version will be the required migration away from Google Code for the project (documentation, source code, and issue tracking). I'm not sure where the project will end up being hosted... GitHub seems to be the place to go for active users, but the project already has a presence on SourceForge since they host our downloads. If we moved to GitHub, would people contribute to the VM itself or it's documentation?
The goal will be to get that "version 1.5" out prior to Google Code shutting down commits on August 24th.
The goal will be to get that "version 1.5" out prior to Google Code shutting down commits on August 24th.
Looking out beyond version 1.5, I think we are going to soon run into versioning issues with the version of Ubuntu that the VM runs on (it is Ubuntu 10.04LTS under the hood). More modern applications are going to require libraries and other supporting files that are not available on that platform. Also, making significant updates on the OS will result in some of the old, real applications no longer working.
Therefore, my current thought is that I will start development on a brand new "2.0" version of the VM after version 1.5 is released. This may be based on Debian 8 or may wait and use Ubuntu 16.04LTS. I do not plan to spend much time trying to get the old, real applications to run on that platform. If they work, that will be great, but if not, the beauty of virtualization is that people can run both the version 1.5 and version 2.0 VM in parallel if desired.
Therefore, my current thought is that I will start development on a brand new "2.0" version of the VM after version 1.5 is released. This may be based on Debian 8 or may wait and use Ubuntu 16.04LTS. I do not plan to spend much time trying to get the old, real applications to run on that platform. If they work, that will be great, but if not, the beauty of virtualization is that people can run both the version 1.5 and version 2.0 VM in parallel if desired.
Thoughts or suggestions? Please send them along!
john clarke
May 22, 2015, 9:46:55 AM5/22/15
to owas...@googlegroups.com
Hi Chuck,
I tried emailing your OWASP account with an idea I had. Keeps getting returned.
Reply all
Reply to author
Forward
0 new messages