Re: [SECURITY] Java Deserialization, JMX and CVE-2016-3427

2016-05-25 Thread Mark Thomas
On 25/05/2016 16:12, Christopher Schultz wrote: > Mark, > > On 5/24/16 10:06 AM, Mark Thomas wrote: >> TL;DR If you use remote JMX, you need to update your JVM to address >> CVE-2016-3427 > >> For the longer version, see the blog post I just published on >> this: http://engineering.pivotal.io/pos

RE: [SECURITY] Java Deserialization, JMX and CVE-2016-3427

2016-05-25 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:ch...@christopherschultz.net] > Subject: Re: [SECURITY] Java Deserialization, JMX and CVE-2016-3427 > "Java SE: 6u113, 7u99, 8u77; Java SE Embedded: 8u77; JRockit: R28.3.9" > I have Java 1.8.0_91. Am I affected? No. > What about if

Re: [SECURITY] Java Deserialization, JMX and CVE-2016-3427

2016-05-25 Thread Christopher Schultz
Woonsan, On 5/25/16 11:29 AM, Woonsan Ko wrote: > On Wed, May 25, 2016 at 11:12 AM, Christopher Schultz > wrote: > Mark, > > On 5/24/16 10:06 AM, Mark Thomas wrote: TL;DR If you use remote JMX, you need to update your JVM to address CVE-2016-3427 For the longer version, see t

Re: [SECURITY] Java Deserialization, JMX and CVE-2016-3427

2016-05-25 Thread Woonsan Ko
On Wed, May 25, 2016 at 11:12 AM, Christopher Schultz wrote: > Mark, > > On 5/24/16 10:06 AM, Mark Thomas wrote: >> TL;DR If you use remote JMX, you need to update your JVM to address >> CVE-2016-3427 >> >> For the longer version, see the blog po

Re: [SECURITY] Java Deserialization, JMX and CVE-2016-3427

2016-05-25 Thread Christopher Schultz
Mark, On 5/24/16 10:06 AM, Mark Thomas wrote: > TL;DR If you use remote JMX, you need to update your JVM to address > CVE-2016-3427 > > For the longer version, see the blog post I just published on > this: http://engineering.pivotal.io/post/java-dese

[SECURITY] Java Deserialization, JMX and CVE-2016-3427

2016-05-24 Thread Mark Thomas
TL;DR If you use remote JMX, you need to update your JVM to address CVE-2016-3427 For the longer version, see the blog post I just published on this: http://engineering.pivotal.io/post/java-deserialization-jmx/ Mark