From owner-freebsd-java@FreeBSD.ORG Tue May 17 03:34:22 2005 Return-Path: Delivered-To: freebsd-java@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C5F9E16A4CE for ; Tue, 17 May 2005 03:34:22 +0000 (GMT) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id A657243DA0 for ; Tue, 17 May 2005 03:34:22 +0000 (GMT) (envelope-from bright@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1192) id 0AF005CA1F; Mon, 16 May 2005 20:34:20 -0700 (PDT) Date: Mon, 16 May 2005 20:34:20 -0700 From: Alfred Perlstein To: java@freebsd.org Message-ID: <20050517033420.GB62055@elvis.mu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i Subject: What's up with java and security? X-BeenThere: freebsd-java@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Porting Java to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 May 2005 03:34:22 -0000 I wanted to play with java, but it looks like all the ports we have are busted... jdk13 native has issues: ===> jdk-1.3.1p9_5 has known vulnerabilities: => jdk/jre -- Security Vulnerability With Java Plugin. Reference: jdk14 depends on linux-sun-jdk14 which has issues: ===> linux-sun-jdk-1.4.2.08_1 has known vulnerabilities: => jdk -- jar directory traversal vulnerability. Reference: Is Sun planning on fixing this? -- - Alfred Perlstein - Research Engineering Development Inc. - email: bright@mu.org cell: 408-480-4684