Difference between revisions of "ORG (OWASP Report Generator)"

From OWASP
Jump to: navigation, search
(TODO)
(45 intermediate revisions by 4 users not shown)
Line 1: Line 1:
The ORG (Owasp Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.
+
==== Main ====
 +
 
 +
The ORG (OWASP Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.
 +
 
 +
Currently [[:User:Mroxberr|'''Mark Roxberry''']] leads this project. Formerly the project leader was [[User:Dinis.cruz|Dinis Cruz]]  with strong contributions from [[User:medelibero|Mike de Libero]]. Mike was sponsored under an OWASP Autumn of Code 2006 sponsorship to work on ORG.
  
 
== Downloads ==
 
== Downloads ==
  
'''[NOTE: contact Mike de Libero(mike at mde-dev dot com) for the latest version]'''
+
The latest release of ORG's installer can be found at (updated on 1/15/2007)
 +
[http://sourceforge.net/project/downloading.php?group_id=64424&use_mirror=osdn&filename=ORG_v0.88.msi Report Generator Installer]
  
[http://prdownloads.sourceforge.net/owasp/reportgenerator_src.zip Report Generator Source]
+
The source code for latest stable version can be downloaded from here (updated on 11/1/2006): [http://prdownloads.sourceforge.net/owasp/ReportGenerator.zip Report Generator Source]
  
 +
This project is in active development and the latest version can be obtained from [http://owasp-code-central.googlecode.com/svn/trunk/labs/ReportGenerator Google SVN]
  
 +
'''Instructions for using the zip file'''
  
== ORG Active Developers ==
+
1) Unzip the files
  
* [[ORG (Owasp Report Generator) - Mike de Libero]]
+
2) Run regAuthenticPlugin.bat to register the AuthenticPlugin
* [[ORG (Owasp Report Generator) - Dinis Cruz]]
+
* [[ORG (Owasp Report Generator) - Zi Jin]]
+
  
== TODO ==
+
3) Open the solution in VS.Net 2k5.  You can use any version of VS but the primary version used for development is the express edition. 
  
'''Priority High'''
+
4) More than likely you need to modify the references area to use the local files for [IxInterop|AxInterop].XMLSPYPLUGIN. 
  
{|class="wikitable"
+
5) Then try and compile and you should be good to go. If not contact Mike and we will work with you to get it all straightened out and so we can adjust this process.
|+TODO
+
|-
+
|
+
! Task !! Comment !! Complexity || Assigned !! Status
+
|-
+
! 1
+
|| Enable templates in executive summary to save copying and pasting in new projects || There is an easy and a hard way to do this. The easy is to implement this using template xml files which are copied to the target location (for example a finding or 'Report Content') from a default location (in the current plan the output of a plug-in). The hard way (but much more powerfull) will be to implement this templates using dinamic manipulation of the autentic object (which is something that I haven't figure out how to do) || Medium || Not Assigned
+
|-
+
!
+
|| Create plug-in to support templates || Which is basically a mapping between SPS and XML files (need to figure out how to dynamically use SPS transformations
+
|-
+
|-
+
!
+
||Fix XML attribute / value errors when using copy and paste functionality
+
!
+
|| Convert Export functionality into a Plug-in || Should be easy to do since all code is already there || Low || DC ||
+
|-
+
  
|-
+
== ORG Development  ==
!
+
|| Verify all current data against a schema and ensure that consistency is maintained (especially with IP Address / DNS Name fields) || Basicaly the issue here is that everytime an xml file is saved, a quick check to the schema should be made. The code to do this already exists (it is in the export data code).
+
|-
+
!
+
||
+
|-
+
!
+
||
+
|-
+
!
+
||
+
|-
+
!
+
||
+
|}
+
  
 +
The current version under development is v0.86 and you can see the change log here: [[ORG (Owasp Report Generator) - Change Log]]
  
 +
The current Todo is here: [[ORG (Owasp Report Generator) - To Do]]
  
'''Priority Medium'''
+
== Getting setup for an assessment ==
  
{|class="wikitable"
+
'''Step 1)''' Create a profile for you to use on your computer.  You can do this on the first screen that will be encountered when running ORG. 
|-
+
|
+
! Task !! Comment !! Complexity || Assigned !! Status
+
|-
+
! 1
+
| Add a default profile with the project files maped to the local disk || this way the first time user can just click Start |
+
|}
+
  
 +
[[Image:Profile_ss.jpg]]
  
'''Priority Low'''
+
Once the information has been inputted click on “Start Pen Test Reporter” and you are ready to start adding new projects.
  
{|class="wikitable"
 
|-
 
|
 
! Task !! Comment !! Complexity || Assigned !! Status
 
|-
 
!
 
|| generated Pdf reports don't appear in the respective ORG window. || [DC]: this doesn't occour all the time and it is due to the fact that the current way used to display the pdf is to open it in the embebed IE control (which sometimes opens the pdf inside it and others in an external window || no idea || ||
 
|}
 
  
|-
+
'''Step 2)''' The next step is to create a project. With the “Current and Archived Projects” window open make sure that the project metadata tab is selected. From there in the lower left hand corner you will see an area to type in a new project and then click “Add”.  You will then see a window like the one below.
! x
+
|| {Template} || {...} || Medium || Not Assigned
+
  
 +
[[Image:Project_setup_ss.jpg]]
  
 +
You can now type in the pertinent information about your project.  After that you are ready to identify your targets and start attacking (i.e. the fun part!).
  
'''To Map to Priority Tables'''
 
  
{|class="wikitable"
+
'''Step 3)''' Next click on the targets tab, this will allow you to define the targets for your assessment. Below is a screen shot of an example of a target during an assessment.  
|-
+
|
+
! Task !! Comment !! Assigned !! Status
+
|-
+
! 1
+
| Del Key should delete newline (and other elements) ||
+
|-
+
! 2
+
| Add ability to move findings to other targets ||
+
|-
+
! 3
+
| Sort of tracking views by Issue ID || Enable sorting in the issue tracking screens, to enable easier finding of issues when retests are occurring
+
|-
+
! 4
+
| Search (for Issue IDs) ||
+
|-
+
! 5
+
| Select contacts from a db ||
+
|-
+
! 6
+
| Automatic Import data (like DSN info) || This can also include task / default messages with links to areas like the OWASP vulnerability pages
+
|-
+
! 7
+
| Data feed for global database spreadsheets ||
+
|-
+
! 8
+
| Sign application and FOP engine ||
+
|-
+
! 9
+
| Ensure that within the same project, image folders are unique ||
+
|-
+
! 10
+
| Make an installer ||
+
|-
+
! 11
+
| Add Backup feature for XSLT changes ||
+
|-
+
! 12
+
| Add upgrade tool ||
+
|-
+
! 13
+
| Add XSLT search feature ||
+
|-
+
! 14
+
| Project level tags ||
+
|-
+
! 15
+
| Image's path are hardcoded on the PDF xslt ||
+
* Monthly CISO Report.xslt
+
* test.xslt
+
* Bespoke Brief.xslt
+
* Monthly RISO Report.xslt
+
* Outstanding Issues.xslt
+
|-
+
! 16
+
| Document the installation procedure of the Altova XML engine (used for xslt2 queries) ||
+
|-
+
! 17
+
| Add to FAQ the fact that the errors that show on the current main FOP transformation are ok ||
+
|-
+
! 18
+
| Convert the current xslt/FOP to the altova engine so that we can use xslt2 queries ||
+
|-
+
! 19
+
| Modify the tabs on the "Current and Archived Projects" screen so that whenever you click on one it reloads the data
+
|-
+
! 20
+
| Only show up tabs that we have the data set up for ||
+
|-
+
! 21
+
| Remove all those empty try/catches in authentic.cs ||
+
|-
+
! 22
+
| Upgrade the Altova component || || || Y || 50%
+
|-
+
! 23
+
| Create a Microsoft Word report option || || || ||
+
|-
+
! 24
+
| Perform a validation against a schema of all current _consolidatedReports files to ensure they are compliant (check in particular dates, IPs and DNS names) ||
+
|-
+
! 25
+
| Manage the exceptions that occur when you add a finding with a duplicate name more effectively ||
+
|-
+
! 26
+
| Change the Window menu to have the current open windows in the main menu, rather than as a sub menu ||
+
|-
+
! 27
+
| Add a find function to the source code editor ||
+
|-
+
! 28
+
| Add drop down menus to the recommendations section (which links to the recommendations database) ||
+
|-
+
! 29
+
| Enable schema-safe copy and paste between the project meta data tab and the executive summary tab (the xml attribute copying bug) ||
+
|-
+
! 30
+
| Allow for defaults and templates to be used (especially in the executive summary where all executive summaries should follow the same format) ||
+
|}
+
  
== To add to to-do ==
+
[[Image:Org_target_ss.jpg]]
  
* Default headers auto populated in "Report Contents".  Executive Summary, Background, Scope
+
The above area gives you the logistics of the target things like name, IP(s), the type of target and common dns names.  The bottom area allows you to put files related to the target. 
* Paste tables into Appendix
+
* Paste images into Appendix
+
* Bug report, sequence of events:
+
** do findings
+
** then do exec sumamry
+
** then make a pdf
+
** then try to change a finding (exception will occur)
+
** if you reload the project the issue will go away
+
  
  
== TODO Future Versions ==
+
You can also import in targets from an NMap scan if you use the xml output file option.  To do import targets click the “Import Targets” button and select the saved scan.
* Add in the ability to import in stock findings
+
* Remove the global variable class.
+
* Add in tool tips to the forms.
+
  
  
Other related [[https://sourceforge.net/project/showfiles.php?group_id=64424&package_id=105632 Owasp .Net Project Downloads]]
+
'''Step 4)''' After defining the attack targets you can specify the individual tasks you wish to perform on the targets. A screen like the one below should be shown.
  
 +
[[Image:Org_target_tasks_ss.jpg]]
  
{{Template:Stub}}
+
Using this screen you can manage the tasks that need to be done for an assessment, things like information gathering, auditing of source code and other tasks that are normally done during a security audit.  You can specify the state of each task with the drop down in the status column. 
  
 +
 +
We now have all the background information but we need a way to let our customers know what we have found that is where the findings tab comes into play.
 +
 +
== Recording assessment findings ==
 +
During an assessment you can record all your findings using the findings tab in the projects form.  All findings must be associated to a target.  An example findings window is below.  These findings will later be added to reports that you will give to your customers.
 +
 +
[[Image:Org_findings_ss.jpg]]
 +
 +
You can add screenshots to the additional details area of the findings screen as well.  To create findings use the “Add Finding” area.  This will give you a blank slate and initially use the simple mode. 
 +
 +
 +
You can change the template for the editor by using the drop down labeled “Editor Template To Use”.  There are two other options besides simple mode they are: Authentic – All Fields Mode and Windows Explorer.  The all fields mode allows you to specify more detailed information.  While, the windows explorer mode allows you to add other artifacts related to this finding, like code excerpts, PoC code, etc…
 +
 +
 +
After we are done finding all the holes in our targets we need to report them to our customers. 
 +
 +
== Reporting Our Findings ==
 +
'''Step 1)''' Click on the “Report Contents” tab and fill out the information there.  This will be later used for the executive summary and other reports that need to be ran.  Below is an example screen of the report contents filled out.
 +
 +
[[Image:Org_report_contents_tab_ss.jpg]]
 +
 +
Click on ”Save Report Contents” and we are ready for the next step generating a report.
 +
 +
 +
'''Step 2)''' The first thing to do is click on the “Report Pdf” tab. Select the xslt you wish to use for the report then select “FOP” for what you want to create the report with.  Then click on “Create report files using”.  After clicking on the button a small PDF reader will show up on the form.  You can then save the report to wherever you wish.  An example screen shot is below.
 +
 +
[[Image:Org_pdf_report_ss.jpg]]
 +
 +
The other way to create reports is by click on the reports button at the very top.  You will see a screen like the one below.
 +
 +
[[Image:Org_reports_ss.jpg]]
 +
 +
== Adding new entries into drop downs ==
 +
A user has the ability to modify the values in the drop downs in the targets, findings, project details and target tasks by modifying the any sps files under <Application_Path>/VulnReport_Files/sps/. 
 +
 +
== ORG Active Developers ==
 +
 +
* [[ORG (Owasp Report Generator) - Mike de Libero]]
 +
* [[ORG (Owasp Report Generator) - Dinis Cruz]]
 +
 +
Other related [[https://sourceforge.net/project/showfiles.php?group_id=64424&package_id=105632 OWASP .Net Project Downloads]]
 +
 +
== Building the Installer ==
 +
ORG is built using the WiX installer [http://wix.sourceforge.net/].  The assumption is that the folder housing the WiX libraries is in your search path. 
 +
 +
* Setup a directory like the below screen shot
 +
** '''Note''' the following files can be found in the Google SVN: BuildInstaller.bat, FOP.zip.txt, regAuthenticPlugin.bat, ORG_v0.88.wxs, ORG_CONFIG_FILEs.zip.txt, AuthenticPlugin.zip.txt, AxInterop.PdfLib.dll, AxInterop.SHDocVw.dll, AxInterop.XMLSPYPLUGINLib.dll, ICSharpCode.TextEditor.dll, ICSharpCode.TextEditor.dll, Interop.SHDocVw.dll, Interop.XMLSPYPLUGINLib.dll, SharpZipLib.dll
 +
[[Image:Org_installer_files_ss.gif]]
 +
* Run the batch script BuildInstaller.bat
 +
 +
When a new version of the installer needs to be built the ID for the product element needs to be replaced along with the version information. 
 +
 +
<!-- ==== Project Identification ====
 +
{{Template:OWASP Report Generator Project - GPC Tab}}
 +
[[Category:OWASP Project|Report Generator)]]
 
[[Category:OWASP .NET Project]]
 
[[Category:OWASP .NET Project]]
 +
[[Category:OWASP Tool]]
 +
[[Category:OWASP Download]]
 +
[[Category:OWASP Alpha Quality Tool]] -->
 +
 +
==== Project Identification ====
 +
 +
[[Category:OWASP Project|Report Generator)]]
 +
[[Category:OWASP .NET Project]]
 +
[[Category:OWASP Tool]]
 +
[[Category:OWASP Download]]
 +
[[Category:OWASP Alpha Quality Tool]]
 +
 +
{{Template:OWASP Project Identification Tab
 +
| project_name = OWASP Report Generator Project
 +
| project_description = The ORG (OWASP Report Generator) is a multi-purpose reporting tool designed to be extensible for various reporting needs. By using what is known as a provider model, report providers can be plugged in to ORG. OWASP Report Providers will include Penetration Testing and SDL. The Penetration Testing Report Provider supports the documentation and reporting of security vulnerabilities discovered during security audits. The SDL Report Provider supports the documentation and reporting requirements of the Secure Development Lifecycle. Beyond OWASP Report Providers, the community can leverage the ORG for their own reporting needs.
 +
| project_license = [http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License]
 +
| leader_name = Mark Roxberry
 +
| leader_email =
 +
| leader_username = Mroxberr
 +
| maintainer_name = Mark Roxberry
 +
| maintainer_email =
 +
| maintainer_username = Mroxberr
 +
| contributor_name1 = Gary Burns
 +
| contributor_email1 =
 +
| contributor_username1 = Gary.m.burns
 +
| contributor_name2 =
 +
| contributor_email2 =
 +
| contributor_username2 =
 +
| contributor_name3 =
 +
| contributor_email3 =
 +
| contributor_username3 =
 +
| contributor_name4 =
 +
| contributor_email4 =
 +
| contributor_username4 =
 +
| contributor_name5 =
 +
| contributor_email5 =
 +
| contributor_username5 =
 +
| contributor_name6 =
 +
| contributor_email6 =
 +
| contributor_username6 =
 +
| contributor_name7 =
 +
| contributor_email7 =
 +
| contributor_username7 =
 +
| contributor_name8 =
 +
| contributor_email8 =
 +
| contributor_username8 =
 +
| contributor_name9 =
 +
| contributor_email9 =
 +
| contributor_username9 =
 +
| contributor_name10 =
 +
| contributor_email10 =
 +
| contributor_username10 = 
 +
| pamphlet_link =
 +
| presentation_link =
 +
| mailing_list_name = owasp-org
 +
| links_url1 = http://code.google.com/p/org2/
 +
| links_name1 = Code
 +
| links_url2 = http://owasprox.blogspot.com/search/label/org2
 +
| links_name2 = Blog
 +
| links_url3 =
 +
| links_name3 =
 +
| links_url4 =
 +
| links_name4 =
 +
| links_url5 =
 +
| links_name5 =
 +
| links_url6 =
 +
| links_name6 =
 +
| links_url7 =
 +
| links_name7 =
 +
| links_url8 =
 +
| links_name8 =
 +
| links_url9 =
 +
| links_name9 =
 +
| links_url10 =
 +
| links_name10 =
 +
| project_road_map = http://code.google.com/p/org2/wiki/RoadMap
 +
| project_health_status =
 +
| current_release_name = ORG v.088
 +
| current_release_date = August 2009
 +
| current_release_download_link = http://sourceforge.net/project/downloading.php?group_id=64424&use_mirror=osdn&filename=ORG_v0.88.msi
 +
| current_release_details = :Category:OWASP_Report_Generator_Project_-_ORG_v.088_Release
 +
| current_release_rating = - 1
 +
| current_release_leader_name = Dinis Cruz
 +
| current_release_leader_email =
 +
| current_release_leader_username = Dinis.cruz
 +
| last_reviewed_release_name =
 +
| last_reviewed_release_date =
 +
| last_reviewed_release_download_link =
 +
| last_reviewed_release_rating =
 +
| last_reviewed_release_leader_name =
 +
| last_reviewed_release_leader_email =
 +
| last_reviewed_release_leader_username =
 +
| old_release_name1 =
 +
| old_release_date1 =
 +
| old_release_download_link1 =
 +
| old_release_name2 =
 +
| old_release_date2 =
 +
| old_release_download_link2 =
 +
| old_release_name3 =
 +
| old_release_date3 =
 +
| old_release_download_link3 =
 +
| old_release_name4 =
 +
| old_release_date4 =
 +
| old_release_download_link4 =
 +
| old_release_name5 =
 +
| old_release_date5 =
 +
| old_release_download_link5 =
 +
}}
 +
__NOTOC__ <headertabs />

Revision as of 08:33, 9 October 2009

Main

The ORG (OWASP Report Generator) is a tool for Security Consultants that supports the documentation and reporting of security vulnerabilities discovered during security audits.

Currently Mark Roxberry leads this project. Formerly the project leader was Dinis Cruz with strong contributions from Mike de Libero. Mike was sponsored under an OWASP Autumn of Code 2006 sponsorship to work on ORG.

Downloads

The latest release of ORG's installer can be found at (updated on 1/15/2007) Report Generator Installer

The source code for latest stable version can be downloaded from here (updated on 11/1/2006): Report Generator Source

This project is in active development and the latest version can be obtained from Google SVN

Instructions for using the zip file

1) Unzip the files

2) Run regAuthenticPlugin.bat to register the AuthenticPlugin

3) Open the solution in VS.Net 2k5. You can use any version of VS but the primary version used for development is the express edition.

4) More than likely you need to modify the references area to use the local files for [IxInterop|AxInterop].XMLSPYPLUGIN.

5) Then try and compile and you should be good to go. If not contact Mike and we will work with you to get it all straightened out and so we can adjust this process.

ORG Development

The current version under development is v0.86 and you can see the change log here: ORG (Owasp Report Generator) - Change Log

The current Todo is here: ORG (Owasp Report Generator) - To Do

Getting setup for an assessment

Step 1) Create a profile for you to use on your computer. You can do this on the first screen that will be encountered when running ORG.

Profile ss.jpg

Once the information has been inputted click on “Start Pen Test Reporter” and you are ready to start adding new projects.


Step 2) The next step is to create a project. With the “Current and Archived Projects” window open make sure that the project metadata tab is selected. From there in the lower left hand corner you will see an area to type in a new project and then click “Add”. You will then see a window like the one below.

Project setup ss.jpg

You can now type in the pertinent information about your project. After that you are ready to identify your targets and start attacking (i.e. the fun part!).


Step 3) Next click on the targets tab, this will allow you to define the targets for your assessment. Below is a screen shot of an example of a target during an assessment.

Org target ss.jpg

The above area gives you the logistics of the target things like name, IP(s), the type of target and common dns names. The bottom area allows you to put files related to the target.


You can also import in targets from an NMap scan if you use the xml output file option. To do import targets click the “Import Targets” button and select the saved scan.


Step 4) After defining the attack targets you can specify the individual tasks you wish to perform on the targets. A screen like the one below should be shown.

Org target tasks ss.jpg

Using this screen you can manage the tasks that need to be done for an assessment, things like information gathering, auditing of source code and other tasks that are normally done during a security audit. You can specify the state of each task with the drop down in the status column.


We now have all the background information but we need a way to let our customers know what we have found that is where the findings tab comes into play.

Recording assessment findings

During an assessment you can record all your findings using the findings tab in the projects form. All findings must be associated to a target. An example findings window is below. These findings will later be added to reports that you will give to your customers.

Org findings ss.jpg

You can add screenshots to the additional details area of the findings screen as well. To create findings use the “Add Finding” area. This will give you a blank slate and initially use the simple mode.


You can change the template for the editor by using the drop down labeled “Editor Template To Use”. There are two other options besides simple mode they are: Authentic – All Fields Mode and Windows Explorer. The all fields mode allows you to specify more detailed information. While, the windows explorer mode allows you to add other artifacts related to this finding, like code excerpts, PoC code, etc…


After we are done finding all the holes in our targets we need to report them to our customers.

Reporting Our Findings

Step 1) Click on the “Report Contents” tab and fill out the information there. This will be later used for the executive summary and other reports that need to be ran. Below is an example screen of the report contents filled out.

Org report contents tab ss.jpg

Click on ”Save Report Contents” and we are ready for the next step generating a report.


Step 2) The first thing to do is click on the “Report Pdf” tab. Select the xslt you wish to use for the report then select “FOP” for what you want to create the report with. Then click on “Create report files using”. After clicking on the button a small PDF reader will show up on the form. You can then save the report to wherever you wish. An example screen shot is below.

Org pdf report ss.jpg

The other way to create reports is by click on the reports button at the very top. You will see a screen like the one below.

Org reports ss.jpg

Adding new entries into drop downs

A user has the ability to modify the values in the drop downs in the targets, findings, project details and target tasks by modifying the any sps files under <Application_Path>/VulnReport_Files/sps/.

ORG Active Developers

Other related [OWASP .Net Project Downloads]

Building the Installer

ORG is built using the WiX installer [1]. The assumption is that the folder housing the WiX libraries is in your search path.

  • Setup a directory like the below screen shot
    • Note the following files can be found in the Google SVN: BuildInstaller.bat, FOP.zip.txt, regAuthenticPlugin.bat, ORG_v0.88.wxs, ORG_CONFIG_FILEs.zip.txt, AuthenticPlugin.zip.txt, AxInterop.PdfLib.dll, AxInterop.SHDocVw.dll, AxInterop.XMLSPYPLUGINLib.dll, ICSharpCode.TextEditor.dll, ICSharpCode.TextEditor.dll, Interop.SHDocVw.dll, Interop.XMLSPYPLUGINLib.dll, SharpZipLib.dll

Org installer files ss.gif

  • Run the batch script BuildInstaller.bat

When a new version of the installer needs to be built the ID for the product element needs to be replaced along with the version information.


Project Identification


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What does this OWASP project release offer you?
what is this project?
OWASP Report Generator Project

Purpose: The ORG (OWASP Report Generator) is a multi-purpose reporting tool designed to be extensible for various reporting needs. By using what is known as a provider model, report providers can be plugged in to ORG. OWASP Report Providers will include Penetration Testing and SDL. The Penetration Testing Report Provider supports the documentation and reporting of security vulnerabilities discovered during security audits. The SDL Report Provider supports the documentation and reporting requirements of the Secure Development Lifecycle. Beyond OWASP Report Providers, the community can leverage the ORG for their own reporting needs.

License: GNU Lesser General Public License

who is working on this project?
Project Leader: Mark Roxberry

Project Maintainer: Mark Roxberry

Project Contributor(s):

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: Subscribe or read the archives

Project Roadmap: To view, click here

Main links:

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Mark Roxberry to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
ORG v.088 - August 2009 - (download)

Release Leader: Dinis Cruz

Release details: Main links, release roadmap and assessment

Rating: Yellow button.JPG Not Reviewed
To be reviewed under Assessment Criteria v2.0