Re: So whats up with the 11.2 java security hole?

From: John Hurley <johnbhurley_at_sbcglobal.net>
Date: Mon, 8 Feb 2010 11:18:46 -0800 (PST)
Message-ID: <f5b5cfb2-f00d-4b7e-888c-5bd43dcbfdb8_at_r24g2000yqd.googlegroups.com>

On Feb 8, 10:52�am, "Vladimir M. Zakharychev" <vladimir.zakharyc..._at_gmail.com> wrote:

snip ...

> [rant]
> Well, the weekend's over, been 4 (if I didn't miscalculate) days since
> disclosure and guess what - no alert from Oracle still. Neither public
> athttp://www.oracle.com/technology/deploy/security/alerts.htm, nor
> paying-customer-only at MOS, nor on their security blogs... Even a
> simple acknowledgment that they are aware and are working on a fix
> would do at this point... Do they think that if they just ignore the
> threat it will eventually go away? Or are they too busy rebranding Sun
> sites and cleaning up after CVE-2010-0073? (this one's a nice BEA
> heritage, full-fledged user-friendly backdoor, even no need to compose
> and inject shellcode to instantiate one of your own...)
> [/rant]

It does seem quite curious doesn't it.

No worries though because Mary Ann has our back right?

How long until the auditors start asking questions ( as they are supposed to do )? Received on Mon Feb 08 2010 - 13:18:46 CST

This message: [ Message body ]
Next message: John Hurley: "Re: rant - does oracle know how to design a website?"
Previous message: Terry Dykstra: "Re: rant - does oracle know how to design a website?"
Maybe in reply to: John Hurley: "So whats up with the 11.2 java security hole?"
Next in thread: Vladimir M. Zakharychev: "Re: So whats up with the 11.2 java security hole?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message