[Freedombox-discuss] Java vulnerabilities
Michael Rauch
l15t at miranet.ch
Sun Jun 21 18:19:01 UTC 2015
please take note that the company which is pointing out the issues also
has a remedy on offer. also, the companies name is mentioned eight times
throughout the article.
i don't consider the java platform being high-risk. rather the opposite.
because java is used a lot in enterprise applications, keeping track of
security vulnerabilities in java components and selling that information
to enterprises makes an interesting business opportunity. from my point
of view, that makes vulnerabilities more transparent an manageable.
Michael
On 16.06.2015 19:03, Sandy Harris wrote:
> A rather scary article:
> http://www.itworld.com/article/2936575/security/software-applications-have-on-average-24-vulnerabilities-inherited-from-buggy-components.html
>
> Does the current Fbox implementation use Java? Should we eliminate it
> as a matter of necessary security policy? If not, how can we deal with
> these issues?
>
> Are other things we use also high-risk? Javascript? Perl? Python? ...?
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
>
More information about the Freedombox-discuss
mailing list