Go Down

Topic: Java vulnerabilities and the Arduino IDE (Read 1 time) previous topic - next topic

mother

Quote
This website uses Java where? I have Java disabled in my browser and can navigate and use this site just fine.

The website does use Javascript, which is entirely different and unrelatd to Java.


OMG indeed, just checked the forum software the site is running on, and it's all LAMP & Javascript, no Java to be seen anywhere. My original question stands  :)

Coding Badly

In the past couple of weeks, there was an exploit in the wild and Java 7 update 7 released to fix it.


Let's read the security alert together, shall we...
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html

From the first paragraph...
Quote
...affecting Java running in web browsers on desktops. These vulnerabilities are not applicable to Java running on servers or standalone Java desktop applications.


Do you believe the security alert applies to the Arduino IDE?

mother

Perfectly good answer, all is well - I had read about the hole in other places, where that particularity wasn't included. What I sense though is some kind of protectionism towards Java, judging by the tone of the replies... I hope this is not the default way of addressing people here.

Otherwise, since I'm new here (although I've been a mod at BackTrack Linux & Netstumbler forums for years, so I know something about moderation) I respectfully ask what the rules are in posting questions, so as to not offend anyone again. :|

Louis Davis

FWIW

I verified the IDE will work with 1.7.0_07 version of the JRE.

I am running Win7 X64 with 32-bit version of the JRE

I had to rename the java folder under Arduino, so that it would use the installed version instead of the Arduino version.

Here is the launch4j.log:
Code: [Select]
CmdLine: C:\arduino\arduino-1.0.1\arduino.exe --l4j-debug
WOW64: yes
Working dir: C:\arduino\arduino-1.0.1\.
Bundled JRE: java
Check launcher: C:\arduino\arduino-1.0.1\java\bin\javaw.exe (n/a)
64-bit search: SOFTWARE\JavaSoft\Java Runtime Environment...
32-bit search: SOFTWARE\JavaSoft\Java Runtime Environment...
Match: SOFTWARE\JavaSoft\Java Runtime Environment\1.7
Match: SOFTWARE\JavaSoft\Java Runtime Environment\1.7.0_07
64-bit search: SOFTWARE\JavaSoft\Java Development Kit...
32-bit search: SOFTWARE\JavaSoft\Java Development Kit...
Check launcher: C:\Program Files (x86)\Java\jre7\bin\javaw.exe (OK)
Add classpath: lib\pde.jar
Add classpath: lib\core.jar
Add classpath: lib\jna.jar
Add classpath: lib\ecj.jar
Add classpath: lib\RXTXcomm.jar
Launcher: C:\Program Files (x86)\Java\jre7\bin\javaw.exe
Launcher args: -Xms128m -Xmx128m -classpath "lib;C:\Program Files (x86)\Java\jre7\lib\tools.jar;lib\pde.jar;lib\core.jar;lib\jna.jar;lib\ecj.jar;lib\RXTXcomm.jar" processing.app.Base
Args length: 167/32768 chars
Exit code: 259

eried

There is some description of the vulnerabilities java has? I mean, I think installing java is more harmful than using an old version from the arduino folder.
My website: http://ried.cl

Go Up