Date: Tue, 30 Nov 2004 14:32:03 -0500 From: Matthew George <mdg@secureworks.net> To: freebsd-java@freebsd.org Subject: jdk14 MINIMAL=true and XPM vuln Message-ID: <41ACCAB3.7040405@secureworks.net>
next in thread | raw e-mail | index | archive | help
Ok, so open-motif, the origin of libXm is marked in vuXML due to the XPM vulnerabilities. The jdk is in vuXML due to the javascript unsafe class loading issue. Since the jdk issue is with the browser plugin, I figured I'd be ok using MINIMAL=true to skip the plugin, but now I'm tripping over open-motif. I'd like to understand the relationship between the two a little more before proceeding. From the CVS history, I see a note that libXm is statically linked into libawt. It seems like this is a non-issue for me since I'm precompiling a package that is intended for use on servers that won't run X, but I'd like to get some kind of confirmation before I go ahead and override the vulnerability check. -- Matthew George SecureWorks Technical Operations
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41ACCAB3.7040405>