Re: So whats up with the 11.2 java security hole?

From: John Hurley <johnbhurley_at_sbcglobal.net>
Date: Tue, 9 Feb 2010 11:25:37 -0800 (PST)
Message-ID: <95daadb9-746b-47f4-a57d-2c463f45055d_at_q16g2000yqq.googlegroups.com>



On Feb 8, 10:52 am, "Vladimir M. Zakharychev" <vladimir.zakharyc..._at_gmail.com> wrote:

snip

> Well, the weekend's over, been 4 (if I didn't miscalculate) days since
> disclosure and guess what - no alert from Oracle still. Neither public
> athttp://www.oracle.com/technology/deploy/security/alerts.htm, nor
> paying-customer-only at MOS, nor on their security blogs... Even a
> simple acknowledgment that they are aware and are working on a fix
> would do at this point... Do they think that if they just ignore the
> threat it will eventually go away? Or are they too busy rebranding Sun
> sites and cleaning up after CVE-2010-0073? (this one's a nice BEA
> heritage, full-fledged user-friendly backdoor, even no need to compose
> and inject shellcode to instantiate one of your own...)
> [/rant]

Well the web logic alert is out now ... so maybe Oracle corp is about ready to get this one out next ... maybe. Received on Tue Feb 09 2010 - 13:25:37 CST

Original text of this message