struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Grobmeier <grobme...@gmail.com>
Subject Re: Java security issue vs. struts?
Date Thu, 17 Jan 2013 04:52:35 GMT
On Wed, Jan 16, 2013 at 11:12 PM, Emi Lu <emilu@encs.concordia.ca> wrote:
> On 01/16/2013 05:02 PM, Chris Pratt wrote:
>>
>> I believe the description says it all.
>>
>> This Security Alert addresses security issues CVE-2013-0422 (US-CERT
>> Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability)
>> and another vulnerability affecting Java running in web browsers. *These
>> vulnerabilities are not applicable to Java running on servers,*
>> standalone Java desktop applications or embedded Java applications. They
>> also do not affect Oracle server-based software.
>>
> Thank you Chris. Moreover, if I call jfreechart to generate reports through
> web applications, it will not be affected, I believe?

As long as you do not use Applets to output JFreechart data you should
be fine (saying: if you generate images with JFreechart)


> Emi
>
>
>
>> On Wed, Jan 16, 2013 at 1:54 PM, Emi Lu <emilu@encs.concordia.ca
>> <mailto:emilu@encs.concordia.ca>> wrote:
>>
>>     Hello,
>>
>>     Does someone know how this java security issue related to struts
>>     framework?
>>
>>
>> http://www.oracle.com/__technetwork/topics/security/__alert-cve-2013-0422-1896849.__html
>>
>>
>> <http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html>
>>
>>     Thanks a lot!
>>     Emi
>>
>>
>> ------------------------------__------------------------------__---------
>>     To unsubscribe, e-mail: user-unsubscribe@struts.__apache.org
>>     <mailto:user-unsubscribe@struts.apache.org>
>>
>>     For additional commands, e-mail: user-help@struts.apache.org
>>     <mailto:user-help@struts.apache.org>
>>
>>
>
>
> --
> Emi Lu, ENCS, Concordia University, Montreal H3G 1M8
> emilu@encs.concordia.ca        +1 514 848-2424 x5884
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>
> For additional commands, e-mail: user-help@struts.apache.org
>



--
http://www.grobmeier.de
https://www.timeandbill.de

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message