[Freedombox-discuss] Java vulnerabilities

Sean Alexandre sean at alexan.org
Tue Jun 16 19:25:32 UTC 2015

I think this is less of an issue for FreedomBox because it's based on 
Debian, and Debian packages get security updates. This should update a 
FreedomBox with any security patches:

apt-get update
apt-get upgrade

To me this is one of the beautiful things about Debian (or any distro 
that has actively maintained package management.) All the pieces are 
coordinated and in sync...or that's the theory anyway.

Of course none of this is magic and, for Debian, lots of kudos are due 
to all the Debian developers that help make this happen!

On 06/16/2015 01:03 PM, Sandy Harris wrote:
> A rather scary article:
> http://www.itworld.com/article/2936575/security/software-applications-have-on-average-24-vulnerabilities-inherited-from-buggy-components.html
> Does the current Fbox implementation use Java? Should we eliminate it
> as a matter of necessary security policy? If not, how can we deal with
> these issues?
> Are other things we use also high-risk? Javascript? Perl? Python? ...?
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

More information about the Freedombox-discuss mailing list