From owner-freebsd-ports@FreeBSD.ORG Sun Aug 16 05:28:59 2009 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 741AB106568D for ; Sun, 16 Aug 2009 05:28:59 +0000 (UTC) (envelope-from linimon@lonesome.com) Received: from mail.soaustin.net (lefty.soaustin.net [66.135.55.46]) by mx1.freebsd.org (Postfix) with ESMTP id 1FF788FC43 for ; Sun, 16 Aug 2009 05:28:58 +0000 (UTC) Received: by mail.soaustin.net (Postfix, from userid 502) id 7D95A8C341; Sun, 16 Aug 2009 00:28:58 -0500 (CDT) Date: Sun, 16 Aug 2009 00:28:58 -0500 From: Mark Linimon To: Klaus Koch Message-ID: <20090816052858.GA3928@lonesome.com> References: <200908091016.52261.klaus@sentinel.dyndns.info> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200908091016.52261.klaus@sentinel.dyndns.info> User-Agent: Mutt/1.5.18 (2008-05-17) Cc: ports@freebsd.org, glewis@freebsd.org Subject: Re: diablo-jdk-1.6.0.07.02_5 remote code execution exploit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Aug 2009 05:28:59 -0000 On Sun, Aug 09, 2009 at 10:16:44AM +0200, Klaus Koch wrote: > as of 6th of August, there's a possible remote code execution exploit > known in both "Sun JDK and JRE 6 Update 14 and earlier" and "Sun JDK > and JRE 5.0 Update 19 and earlier" [...] I didn't get any notifications > with portaudit yet. Because I don't know who to contact else, I'm > sending this to the port maintainer/team. For future reference, the right mailing address is secteam@FreeBSD.org. This is an address rather than a mailing list so tat fixes may be developed before vulnerabilities are announced. mcl