| Re: [technology-pmc] Eclipse JustJ 1.0 Release |
+1 Ed, are you aware that 11.0.2 has a few CVEs logged? https://www.cvedetails.com/vulnerability-list/vendor_id-93/product_id-19116/version_id-281792/Oracle-JDK-11.0.2.html As such it will be reported/blocked as insecure software by security scanning software installed on corporate machines. This might effect Eclipse packages and installer distributed with such vulnerable JREs. I experienced this myself with other applications shipping/embedding a JRE. I'd like to encourage you to provide a 1.0.x release soon with updated JRE versions. -Gunnar -- Gunnar Wagenknecht gunnar@xxxxxxxxxxxxxxx, http://guw.io/ > On Aug 28, 2020, at 06:07, Ed Merks <ed.merks@xxxxxxxxx> wrote: > > Hi, > > I've created the release review for the 1.0 release of JustJ: > > https://projects.eclipse.org/projects/technology.justj/releases/1.0 > > It is a 1.0 (graduation) release because JustJ is releasing JREs for Java 11.0.2 and Java 14.0.2 and the version numbers of the p2 installable units reflect those version numbers. > > I've create the IP log CQ: > > https://dev.eclipse.org/ipzilla/show_bug.cgi?id=22558 > > Please approve the CQ and the review. > > Regards, > Ed > > _______________________________________________ > technology-pmc mailing list > technology-pmc@xxxxxxxxxxx > To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/technology-pmc