cayenne-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Frovarp <rfrov...@apache.org>
Subject Re: javadoc security flaw
Date Tue, 09 Jul 2013 21:07:02 GMT
On 07/09/2013 03:58 PM, Mike Kienenberger wrote:
> I wasn't able to quickly determine how to detect or exploit this by
> reviewing the recent security advisories about the issue.   Maybe
> someone else will have more time or better luck spotting the wanted
> info.
>
> http://www.kb.cert.org/vuls/id/225657
>
> http://xforce.iss.net/xforce/xfdb/84715
>
> http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
>

They released a tool that can be ran to check the Javadoc:


http://www.oracle.com/technetwork/java/javase/downloads/java-doc-updater-tool-1955731.html

That will fix the Javadoc, but it also can be used in a checking mode.

There is an issue under Legal's JIRA to determine if the tool could be 
used automatically as part of a build or not. I'm not sure of the issue 
number, or their determination.

Mime
View raw message