jdk -- jar directory traversal vulnerability (CVE-2005-1080).
Jacques Vidrine
nectar at FreeBSD.org
Tue Sep 12 15:04:53 PDT 2006
On 2006-09-12, at 13:52:40, Remko Lodder wrote:
> David Robillard wrote:
>> Hi everyone,
>> Are there any workaround or a patch for this security problem?
>> FreeBSD Foundation's Java JDK and JRE 5.0 Update 7 binaries for
>> FreeBSD 6.1/i386:
>> Affected package: diablo-jdk-freebsd6.i386.1.5.0.07.00
>> Type of problem: jdk -- jar directory traversal vulnerability.
>> Reference: <http://www.FreeBSD.org/ports/portaudit/18e5428f-
>> ae7c-11d9-837d-000e0c2e438a.html> Many thanks,
>> David
>
> Hello david,
>
> I corrected the entry, it should be fixed within little notice :)
Hey, hold on a second... are you sure this has been fixed? As far as
I know, Sun has never issues a patch for this vulnerability. Yay Sun!
Cheers,
--
Jacques Vidrine <nectar at FreeBSD.org>
More information about the freebsd-questions
mailing list