Linux-sun-jdk16 security advisory
Geoff Franks
gfranks at hwi.buffalo.edu
Wed Jun 11 19:11:05 UTC 2008
I installed linux-sun-jdk16 last week, and it required the jdk-6u3 files. I
went to reinstall it today (long story, but I uninstalled it on Friday, and
am starting over). However, now it requires the jdk-6u6 files. After I
grabbed those, I went to re-install with portinstall, and now I get an error
saying that this version has known vulnerabilities:
======================================================================
===> linux-sun-jdk-1.6.0.06 has known vulnerabilities:
=> jdk -- jar directory traversal vulnerability.
Reference:
<http://www.FreeBSD.org/ports/portaudit/18e5428f-ae7c-11d9-837d-000e0c2e438a
.html>
=> Please update your ports tree and try again.
*** Error code 1
When I go to the link, it mentions nothing about java 1.6, and nothing over
a java 1.5.0p1_1. Is this a new vulnerability that the portaudit page hasn't
been updated for, or is this wrongly applying to jdk16?
Geoff Franks
Sr. Systems Administrator
Hauptman Woodward Institute
More information about the freebsd-java
mailing list