Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Vulnerable Java JRE

Dransfeldt Jul 26, 2019 08:00AM UTC

Hi

The newest version of the community edition for Linux is shipped with a private JRE (Oracle 1.11.0 2) which is effected by multiple vulnerabilities, can this be updated to 1.11.0 3?

Thanks
Br, Dransfeldt


Liam Tai-Hogan Jul 26, 2019 10:46AM UTC Support Center agent

Burp Community ships with OpenJDK Runtime Environment 11.0.2+9.

Could you provide us with details of your security concerns?


Jerry Rothensteiner Oct 10, 2019 10:13PM UTC
We are seeing this issue as well, Nessus is complaning about our Burp workstations due to vulnerable JRE. Will this be updated?

Jerry Rothensteiner Oct 11, 2019 02:30PM UTC
https://www.cvedetails.com/vulnerability-list/vendor_id-93/product_id-19116/version_id-281792/Oracle-JDK-11.0.2.html

Jerry Rothensteiner Oct 11, 2019 02:31PM UTC
https://www.cvedetails.com/vulnerability-list/vendor_id-93/product_id-19117/version_id-286264/Oracle-JRE-11.0.2.html

Mike Eaton Oct 15, 2019 10:08AM UTC Support Center agent

Thank you for the clarification, we have passed this onto our development team for their consideration.


Post Your public answer

Your name
Your email address
Answer