Date: Wed, 20 Mar 2002 13:38:50 +0000 From: Rasputin <rasputin@shikima.mine.nu> To: Greg Lewis <glewis@eyesbeyond.com> Cc: java@freebsd.org Subject: Re: [setantae@submonkey.net: [body_114818111878816447@hermes.sun.com: Sun Security Bulletin #00218]] Message-ID: <20020320133850.A93951@shikima.mine.nu> In-Reply-To: <20020320115209.C45919@misty.eyesbeyond.com>; from glewis@eyesbeyond.com on Wed, Mar 20, 2002 at 11:52:10AM %2B1030 References: <20020319162422.A26883@shikima.mine.nu> <200203200034.JAA14371@cafe.muraoka.info.waseda.ac.jp> <20020320115209.C45919@misty.eyesbeyond.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Greg Lewis <glewis@eyesbeyond.com> [020320 08:59]: > On Wed, Mar 20, 2002 at 09:34:02AM +0900, shudo@computer.org wrote: > > The #00218 of Sun Security Bulletin is at: > > http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=secbull/218 > > Probably. The FreeBSD port of JDK 1.3.1 is based on the source code > > of the plain 1.3.1, which is the newer one Sun provides as source > > code. The source code of 1.4.1 and even 1.3.1_02 has not been > > released. > > Shudo-san is completely correct here, although I would change the > "Probably" to "Definitely" :). The SCSL source code base is earlier > than 1.3.1_01 which is listed as vulnerable. That's what I thought. Have we got a contact at Sun who could give us some more detail or where the bug is, or release a new SCSL bundle (although I expect that would be a pig from the patchset maintainers point of view)? -- On-line, adj.: The idea that a human being should always be accessible to a computer. Rasputin :: Jack of All Trades - Master of Nuns :: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-java" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020320133850.A93951>