[Freedombox-discuss] Java vulnerabilities
Sean Alexandre
sean at alexan.org
Tue Jun 16 19:25:32 UTC 2015
I think this is less of an issue for FreedomBox because it's based on
Debian, and Debian packages get security updates. This should update a
FreedomBox with any security patches:
apt-get update
apt-get upgrade
To me this is one of the beautiful things about Debian (or any distro
that has actively maintained package management.) All the pieces are
coordinated and in sync...or that's the theory anyway.
Of course none of this is magic and, for Debian, lots of kudos are due
to all the Debian developers that help make this happen!
On 06/16/2015 01:03 PM, Sandy Harris wrote:
> A rather scary article:
> http://www.itworld.com/article/2936575/security/software-applications-have-on-average-24-vulnerabilities-inherited-from-buggy-components.html
>
> Does the current Fbox implementation use Java? Should we eliminate it
> as a matter of necessary security policy? If not, how can we deal with
> these issues?
>
> Are other things we use also high-risk? Javascript? Perl? Python? ...?
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
>
More information about the Freedombox-discuss
mailing list