Re: java plugin, is does it have any security vulnerabilities ?
On Sat, Jul 14, 2012 at 06:23:58PM -0400, Andrew Reid wrote: Hi, You can switch to OpenJDK, or remove your sun-java6 packages and install the JRE from the Oracle-provided binaries. I would rephrase it a little bit to 'You _should_ switch to OpenJDK and the icedtea browser plugin'. If you can't, because you've to e.g. use the KVM console of Dells iDRAC cards in various incarnations, you can convert the Oracle .bin packages to a .deb package. There is a helper tool in sid, which works fine on Debian/Squeeze aswell, called make-jpkg. You can find it in the java-package Debian package http://packages.debian.org/sid/java-package Sven -- We are what you say We are not what you think [ Dead Sara - We are what you say ] -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120715075406.GB10910@colin
Re: java plugin, is does it have any security vulnerabilities ?
On Sat, 14 Jul 2012 21:54:09 +0100, dave selby wrote: i am running Debian stable (squeeze) and have java installed 6.26-osqueeze1 as a package. Firefox uses this package but when I asked it to check if plugins are up to date it says nope, need version 7... Yes, the latest Oracle's Java version is now 7 (update 5). So am I right in thinking that v6.26 is old (and thus the advice to upgrade to 7) but does not have any known security vulnerabilities because it is part of stable ? Or have I missed something ? I'm afraid the current Oracle's Java version in Squeeze is vulnerable. You either switch to OpenJVM or manually install Oracle's Java 7 from their site ;-( More info: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646524 http://security-tracker.debian.org/tracker/source-package/sun-java6 Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/jtugtj$83b$5...@dough.gmane.org
java plugin, is does it have any security vulnerabilities ?
Hi All, i am running Debian stable (squeeze) and have java installed 6.26-osqueeze1 as a package. Firefox uses this package but when I asked it to check if plugins are up to date it says nope, need version 7... So am I right in thinking that v6.26 is old (and thus the advice to upgrade to 7) but does not have any known security vulnerabilities because it is part of stable ? Or have I missed something ? Cheers Dave -- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ca+-bttyv4cyl2mp0w-wr1fn6wap_kv41ry2r9aito95bqy7...@mail.gmail.com
Re: java plugin, is does it have any security vulnerabilities ?
Hi All, i am running Debian stable (squeeze) and have java installed 6.26-osqueeze1 as a package. Firefox uses this package but when I asked it to check if plugins are up to date it says nope, need version 7... So am I right in thinking that v6.26 is old (and thus the advice to upgrade to 7) but does not have any known security vulnerabilities because it is part of stable ? Are you using the Debian-provided sun-java6-plugin package? My understanding is that this package is no longer updated by Debian, because of licensing restrictions introduced by Oracle affecting redistribution. There is no Debian-packaged Sun Java VM newer than 6u26. You can switch to OpenJDK, or remove your sun-java6 packages and install the JRE from the Oracle-provided binaries. -- A. -- Andrew Reid / rei...@bellatlantic.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201207141823.58980.rei...@bellatlantic.net
