[Libreoffice-bugs] [Bug 134248] JURT and JUH JARs contain bad class path declaration
bugzilla-daemon at bugs.documentfoundation.org
bugzilla-daemon at bugs.documentfoundation.org
Tue Jun 23 08:08:49 UTC 2020
https://bugs.documentfoundation.org/show_bug.cgi?id=134248
--- Comment #2 from Stephan Bergmann <sbergman at redhat.com> ---
(In reply to Alexander Veit from comment #0)
> 1.) The Class-Path declaration in the respective META-INF/MANIFEST.MF files
> contains ../ as an entry. This does not make sense and has the potential to
> screw up IDEs and runtime deployments by adding completely unrelated parts
> of the file system to the class path[1]. It may also qualify as a security
> issue.
Those entries are necessary so that native code used by those jars can be
found.
> 2.) Class-Path also contains entries like "ridl.jar unoloader.jar". This
> does not make sense either. These JARs normally do not extist since they are
> usually distributed[2] with a version suffix in the file name, e.g.
> ridl-6.4.3.jar.
Those entries are necessary because the jars use classes from those other jars.
And those other jars do have fixed names ridl.jar, unoloader.jar, etc., and
are located in the LibreOffice installation's classes/ directory.
(The LibreOffice jars were never designed to be made available via Maven,
outside the context of a LibreOffice installation. I know that there have been
efforts to make them available via Maven, but do not know how effective the
results of those efforts were. I personally know next to nothing about Maven.)
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libreoffice-bugs/attachments/20200623/b93bf707/attachment.htm>
More information about the Libreoffice-bugs
mailing list