jdk security vuln?

Scott Robbins scottro at nyc.rr.com
Tue May 31 12:33:28 PDT 2005

Hash: SHA1

On Tue, May 31, 2005 at 08:22:00PM +0100, Jayton Garnett wrote:
> Hello,
> I have recently installed freebsd 5.4 and tried many times to install
> the native freebsd jdk (1.4 & 1.5) and wont install as  there is a
> security vulnerability in the linux jdk's and other jdk's.
> How do I go about compiling these now? I only need it for openoffice and
> unfortunately there are no packages for openoffice and dont want to
> install it without java as i am not sure what the out come will be :-s

You should be able to install openoffice with 

make -DWITHOUT_JAVA install clean

(However, I think openoffice has its own vulnerabilities, but that might
only be the devel version.)

To override the vulnerability (hopefully, you have examined what it is
and decided you can live with it) do


However, if you install native java-1.4, note that you will have to
install linux-sun-jdk14 first.  That one has a pkg-message that you
should read before starting the whole thing.  

I have a page that briefly covers it at


It doesn't go into all the details of installing java, but gives a few
of the problems, letting you know what to expect.  (Though I don't cover
the vulnerability issue, that happened later) :)

- -- 


GPG KeyID EB3467D6
( 1B848 077D 66F6 9DB0 FDC2  A409 FA54 D575 EB34 67D6)
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

Willow: I knew it! I knew it! Well, not in the sense of having 
the slightest idea, but I knew there was something I didn't know.
Version: GnuPG v1.4.1 (FreeBSD)


More information about the freebsd-stable mailing list