Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 4 Jan 2014 22:15:53 -0800 (PST)
From:      ari <ari@ish.com.au>
To:        freebsd-java@freebsd.org
Subject:   Re: open jdk7 marked "FORBIDDEN"
Message-ID:  <1388902553441-5873886.post@n5.nabble.com>
In-Reply-To: <20140105041919.GA57795@misty.eyesbeyond.com>
References:  <21189.33585.949509.38005@jerusalem.litteratus.org> <52C58E85.8030501@freebsd.org> <1388798626990-5873612.post@n5.nabble.com> <52C7E24A.6010902@FreeBSD.org> <20140105041919.GA57795@misty.eyesbeyond.com>

next in thread | previous in thread | raw e-mail | index | archive | help
>"Safe" being a relative term since typically the updated Java version will
>contain security fixes as well.  I didn't enumerate all the security fixes
>between 7u25 and 7u45 when doing the update, but I'm pretty certain it was
>not a list of zero length.

> I realise this potentially puts people in a poor situation.  I'd
> definitely
> recommend running 7u45 if you can, and in particular please run 7.45.18_1,
> since the initial 7.45.18 update didn't pick up changes to how the
> unlimited
> strength security policies were installed.

Hi Greg,

Thanks for this information. However in my predicament, I'm happier running
7u25 since at least the security fixes are well documented and I can read
and evaluate whether any bugs are likely to affect me. With 7u45 all I know
is that in some situations, on all 'released' versions of FreeBSD, the
kernel will panic. But I have nothing to go by to understand whether this
problem might affect me. "If you can" doesn't have a concrete answer unless
I know what to look for or how to exercise my systems to reproduce the
fault. I've read the svn commits, but don't understand enough about kernel
programming to understand what I'm looking at.

I see this puts you in a difficult position though since the FreeBSD ports
tree isn't sophisticated enough to know to install 7u25 on some versions of
FreeBSD and 7u45 on others. But at some point the 'forbidden' flag will have
to be removed and people on vulnerable OS versions will have problems unless
the JDK itself can be patched to avoid it.

Do you have an estimated timeframe on the next steps or the release of more
detailed information?

Cheers
Ari



--
View this message in context: http://freebsd.1045724.n5.nabble.com/open-jdk7-marked-FORBIDDEN-tp5873171p5873886.html
Sent from the freebsd-java mailing list archive at Nabble.com.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1388902553441-5873886.post>