[Owasp-baltimore] Null Byte Injection in filenames fixed in Java 7 too!
dave.wichers at owasp.org
Sat Sep 14 00:26:27 UTC 2013
For those of you who attended the chapter meeting last week, I mentioned
that Null Byte Injection into filenames in Java was being fixed in Java 1.8.
Turns out that it was also just fixed in Java 7 update 40 which just came
out. Details are here:
So, if you or your customers are using Java 7, I would recommend you upgrade
to update 40 as soon as you can.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-baltimore