Oracle proposes industry collaboration on OpenJDK security

Java Chief Architect Mark Reinhold posts…

Create a secure, private forum in which trusted members of the OpenJDK Community can receive reports of vulnerabilities in OpenJDK code bases, review them, collaborate on fixing them, and coordinate the release of such fixes. Ensure that information flows efficiently, in both directions, between this forum and Oracle’s internal security teams. Encourage the forum to be used for other OpenJDK security-related discussions as needed.

Continue reading, Proposal: OpenJDK Vulnerability Group