On Wed, 30 Nov 2005, Todd Vierling wrote:

> > > > -sun-{jre,jdk}14-*	1122,local-file-write	http://secunia.com/advisories/14902/
> > > > +sun-{jre,jdk}14<2.10	1122,local-file-write	http://secunia.com/advisories/14902/
>
> > Ok, never post before (a third) coffee; the release of 1.4.2_10 and the
> > announcement of this vulnerability are unrelated.  The vulnerability has
> > been fixed in 1.4.2_9, and 1.4.2_10 is just another update.
>
> Where is the announcement that this was actually fixed?  Are you *sure* it
> is fixed -- have you tested?

FWIW, I tested, and Secunia SA14902 is, as yet, NOT fixed in JDK 1.4.2_10.
Sorry, this one's still open.

(I also added pkg-vulnerabilites entries for blackdown/sun-j*13  as well as
fastjar.)

-- 
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>