Security Patches
Tim Bell
Tim.Bell at Sun.COM
Sun Dec 6 21:39:42 PST 2009
Deepak Mathews wrote:
> Does OpenJDK share a lot of codebase with SunJDK.
Yes, it does.
> There was a security issue for SunJDK...
... ?? specific details please ??
> A command execution vulnerability in the Java Runtime Environment Deployment
> Toolkit may be leveraged to execute arbitrary code. This may occur as the
> result of a user of the Java Runtime Environment viewing a specially crafted
> web page that exploits this vulnerability.
>
> This issue can occur in the following Java SE and Java SE for Business
> releases for Windows:
>
> JDK and JRE 6 Update 16 and earlier
> Note: JDK and JRE 5.0, and SDK and JRE 1.4.2 and 1.3.1 are not affected by
> this issue.
>
> The security issues for SunJDK... Will this affect OpenJDK 7 also?
Where did you get the text pasted above? Were there bug-ID(s) referenced,
and if so, what were they?
JDK7 is currently in sync with security fixes, but we won't be
able to track this down for sure without more information.
Thx-
Tim
More information about the jdk7-dev
mailing list