jdk -- jar directory traversal vulnerability (CVE-2005-1080).
Andrew Pantyukhin
infofarmer at FreeBSD.org
Wed Sep 13 04:01:01 PDT 2006
On 9/13/06, Jacques Vidrine <nectar at freebsd.org> wrote:
>
> On 2006-09-12, at 13:52:40, Remko Lodder wrote:
>
> > David Robillard wrote:
> >> Hi everyone,
> >> Are there any workaround or a patch for this security problem?
> >> FreeBSD Foundation's Java JDK and JRE 5.0 Update 7 binaries for
> >> FreeBSD 6.1/i386:
> >> Affected package: diablo-jdk-freebsd6.i386.1.5.0.07.00
> >> Type of problem: jdk -- jar directory traversal vulnerability.
> >> Reference: <http://www.FreeBSD.org/ports/portaudit/18e5428f-
> >> ae7c-11d9-837d-000e0c2e438a.html> Many thanks,
> >> David
> >
> > Hello david,
> >
> > I corrected the entry, it should be fixed within little notice :)
>
> Hey, hold on a second... are you sure this has been fixed? As far as
> I know, Sun has never issues a patch for this vulnerability. Yay Sun!
http://www.freshports.org/java/jdk15/files.php?message_id=200505120414.j4C4EqNR029930@repoman.freebsd.org
FreeBSD != Sun
More information about the freebsd-questions
mailing list