please take note that the company which is pointing out the issues also
has a remedy on offer. also, the companies name is mentioned eight times
throughout the article.
i don't consider the java platform being high-risk. rather the opposite.
because java is used a lot in enterprise applications, keeping track of
security vulnerabilities in java components and selling that information
to enterprises makes an interesting business opportunity. from my point
of view, that makes vulnerabilities more transparent an manageable.
Michael
On 16.06.2015 19:03, Sandy Harris wrote:
A rather scary article:
http://www.itworld.com/article/2936575/security/software-applications-have-on-average-24-vulnerabilities-inherited-from-buggy-components.html
Does the current Fbox implementation use Java? Should we eliminate it
as a matter of necessary security policy? If not, how can we deal with
these issues?
Are other things we use also high-risk? Javascript? Perl? Python? ...?
_______________________________________________
Freedombox-discuss mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
_______________________________________________
Freedombox-discuss mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
