Security Patches

Tim Bell Tim.Bell at Sun.COM
Sun Dec 6 21:39:42 PST 2009


Deepak Mathews wrote:

> Does OpenJDK share a lot of codebase with SunJDK.

Yes, it does.

> There was a security issue for SunJDK...

... ?? specific details please ??

> A command execution vulnerability in the Java Runtime Environment Deployment
> Toolkit may be leveraged to execute arbitrary code. This may occur as the
> result of a user of the Java Runtime Environment viewing a specially crafted
> web page that exploits this vulnerability.
> 
> This issue can occur in the following Java SE and Java SE for Business
> releases for Windows:
> 
> JDK and JRE 6 Update 16 and earlier
> Note: JDK and JRE 5.0, and SDK and JRE 1.4.2 and 1.3.1 are not affected by
> this issue.
> 
> The security issues for SunJDK... Will this affect OpenJDK 7 also?

Where did you get the text pasted above?  Were there bug-ID(s) referenced,
and if so, what were they?

JDK7 is currently in sync with security fixes, but we won't be
able to track this down for sure without more information.

Thx-

Tim



More information about the jdk7-dev mailing list