[Freedombox-discuss] Java vulnerabilities

Michael Rauch l15t at miranet.ch
Sun Jun 21 18:19:01 UTC 2015


please take note that the company which is pointing out the issues also 
has a remedy on offer. also, the companies name is mentioned eight times 
throughout the article.

i don't consider the java platform being high-risk. rather the opposite.

because java is used a lot in enterprise applications, keeping track of 
security vulnerabilities in java components and selling that information 
to enterprises makes an interesting business opportunity. from my point 
of view, that makes vulnerabilities more transparent an manageable.

Michael


On 16.06.2015 19:03, Sandy Harris wrote:
> A rather scary article:
> http://www.itworld.com/article/2936575/security/software-applications-have-on-average-24-vulnerabilities-inherited-from-buggy-components.html
>
> Does the current Fbox implementation use Java? Should we eliminate it
> as a matter of necessary security policy? If not, how can we deal with
> these issues?
>
> Are other things we use also high-risk? Javascript? Perl? Python? ...?
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>




More information about the Freedombox-discuss mailing list