Le 2/02/2017 à 23:08, Moritz Muehlenhoff a écrit :

> So Oracle has these lovely, unspecified vulnerabilities reported against 
> Glassfish,
> but it's my understanding that the Debian package only provides a minor subset
> what usually constitutes Java, so could you have a look, which of 
> http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
> might possibly affect the Debian package?

I think this is unlikely to affect our packages. We only have two
specification packages (glassfish-javaee and glassfish-jmac-api) and an
Object/Relational mapper (glassfish-toplink-essentials) that is never
used at runtime.

Emmanuel Bourg

This is the maintainer address of Debian's Java team
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to