Date: Wed, 20 Mar 2002 11:52:10 +1030 From: Greg Lewis <glewis@eyesbeyond.com> To: shudo@computer.org Cc: java@FreeBSD.ORG Subject: Re: [setantae@submonkey.net: [body_114818111878816447@hermes.sun.com: Sun Security Bulletin #00218]] Message-ID: <20020320115209.C45919@misty.eyesbeyond.com> In-Reply-To: <200203200034.JAA14371@cafe.muraoka.info.waseda.ac.jp>; from shudo@computer.org on Wed, Mar 20, 2002 at 09:34:02AM %2B0900 References: <20020319162422.A26883@shikima.mine.nu> <200203200034.JAA14371@cafe.muraoka.info.waseda.ac.jp>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 20, 2002 at 09:34:02AM +0900, shudo@computer.org wrote: > From: Rasputin <rasputin@shikima.mine.nu> > > > Sorry for the length of this - I couldn't find a URL. > > The #00218 of Sun Security Bulletin is at: > http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=secbull/218 > We are also be able to find past bulletins at: > http://sunsolve.sun.com/security > > > Is our SCSL version vulnerable? > > Probably. The FreeBSD port of JDK 1.3.1 is based on the source code > of the plain 1.3.1, which is the newer one Sun provides as source > code. The source code of 1.4.1 and even 1.3.1_02 has not been > released. Shudo-san is completely correct here, although I would change the "Probably" to "Definitely" :). The SCSL source code base is earlier than 1.3.1_01 which is listed as vulnerable. -- Greg Lewis Email : glewis@eyesbeyond.com Eyes Beyond Web : http://www.eyesbeyond.com Information Technology To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-java" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020320115209.C45919>