Posted by Security Explorations on Mar 09

Hello All,

On Mar 07, 2016 Security Explorations modified its Disclosure Policy [1].
As a result, we do not tolerate broken fixes any more. If an instance
of a broken fix for a vulnerability we already reported to the vendor
is encountered, it gets disclosed by us without any prior notice.

The vendor that gets the questionable honor to be the first to experience
our modified Disclosure Policy is Oracle.

Yesterday, during my JavaLand talk [2],…