P2
NOTE: I believe that JavaFX is now being included in the Standard JRE 7 and this may be very low priority now that is no longer a separate runtime environment.
Can it be investigated whether the dlls and executables related to JavaFX have their appropriate File Decription, File Version, Product Name and Product Version information completed prior to release. From looking at the JRE 7 u11 it appears that the files associated with the JRE mainly contain this information, whilst fxplugins.dll, jfxmedia.dll, jfxwebkit.dll, javafx-font,dll and javafx-iio.dll are all missing this information (forgive me if any of these aren't JavaFX related I am not a developer by any stretch of the imagination).
The main reason I am interested in this is to ensure that Vulnerability Scanners are able to detect the version of JavaFX installed by examining files. Already Secunia have advised that the current dll files are missing the version numbers so that they can't scan the files and advise of security vulnerabilities.
Can it be investigated whether the dlls and executables related to JavaFX have their appropriate File Decription, File Version, Product Name and Product Version information completed prior to release. From looking at the JRE 7 u11 it appears that the files associated with the JRE mainly contain this information, whilst fxplugins.dll, jfxmedia.dll, jfxwebkit.dll, javafx-font,dll and javafx-iio.dll are all missing this information (forgive me if any of these aren't JavaFX related I am not a developer by any stretch of the imagination).
The main reason I am interested in this is to ensure that Vulnerability Scanners are able to detect the version of JavaFX installed by examining files. Already Secunia have advised that the current dll files are missing the version numbers so that they can't scan the files and advise of security vulnerabilities.
- relates to
-
JDK-8166759 jfxwebkit.dll is missing file detail for 8u112 and 9
-
- Resolved
-