To shore up Javarsquo;s security, a private group that operates outside the normal open source community process is under consideration.The proposednbsp;OpenJDK (Java Development Kit) Vulnerability Group would provide a secure, private forum in which trusted members of the community receive reports on vulnerabilities in code bases and then review and fix them.
Coordinating the release of fixes also would be part of the grouprsquo;s mandate. (Java SE, the standard edition of Java, has been developed under the auspices of OpenJDK.)[ Keep track of whatrsquo;s changed in Java 9 in InfoWorldrsquo;s live changelog, “Whatrsquo;s new in Java 9.” | Keep up with hot topics in programming with InfoWorldrsquo;s App Dev Report newsletter. ]The vulnerability group and Oraclersquo;s internal security teams would work together, and it may occasionally need to work with external security organizations.To read this article in full or to leave a comment, please click here
Coordinating the release of fixes also would be part of the grouprsquo;s mandate. (Java SE, the standard edition of Java, has been developed under the auspices of OpenJDK.)[ Keep track of whatrsquo;s changed in Java 9 in InfoWorldrsquo;s live changelog, “Whatrsquo;s new in Java 9.” | Keep up with hot topics in programming with InfoWorldrsquo;s App Dev Report newsletter. ]The vulnerability group and Oraclersquo;s internal security teams would work together, and it may occasionally need to work with external security organizations.To read this article in full or to leave a comment, please click here