struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emi Lu <em...@encs.concordia.ca>
Subject Re: Java security issue vs. struts?
Date Wed, 16 Jan 2013 22:12:13 GMT
On 01/16/2013 05:02 PM, Chris Pratt wrote:
> I believe the description says it all.
>
> This Security Alert addresses security issues CVE-2013-0422 (US-CERT
> Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability)
> and another vulnerability affecting Java running in web browsers. *These
> vulnerabilities are not applicable to Java running on servers,*
> standalone Java desktop applications or embedded Java applications. They
> also do not affect Oracle server-based software.
>
Thank you Chris. Moreover, if I call jfreechart to generate reports 
through web applications, it will not be affected, I believe?

Emi



> On Wed, Jan 16, 2013 at 1:54 PM, Emi Lu <emilu@encs.concordia.ca
> <mailto:emilu@encs.concordia.ca>> wrote:
>
>     Hello,
>
>     Does someone know how this java security issue related to struts
>     framework?
>
>     http://www.oracle.com/__technetwork/topics/security/__alert-cve-2013-0422-1896849.__html
>     <http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html>
>
>     Thanks a lot!
>     Emi
>
>     ------------------------------__------------------------------__---------
>     To unsubscribe, e-mail: user-unsubscribe@struts.__apache.org
>     <mailto:user-unsubscribe@struts.apache.org>
>     For additional commands, e-mail: user-help@struts.apache.org
>     <mailto:user-help@struts.apache.org>
>
>


-- 
Emi Lu, ENCS, Concordia University, Montreal H3G 1M8
emilu@encs.concordia.ca        +1 514 848-2424 x5884

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message