Your message dated Thu, 10 Jul 2008 15:03:01 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: sun-java5-jre: jre/lib/security/*_policy.jar should be
conffiles
has caused the Debian Bug report #466675,
regarding sun-java5-jre: jre/lib/security/*_policy.jar should be conffiles
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
466675: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466675
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: sun-java5-jre
Version: 1.5.0-14-2
Severity: important
As it's currently done with other files in the same directory, the jar
files that impose the US crypto restrictions should be symlinks to files
in etc, so they can be overwritten locally (the procedure indicated by
Sun) with unrestricted versions and not overwritten on upgrades.
Today, an application was rendered unusable in one of my test servers
because of the latest stable upgrade reinstalling the cripppled versions.
Also, please consider providing the unrestricted files in the same or an
separate package, as this is very inconvenient for any real crypto work.
Citing JRE's README:
-----------------------------------------------------------------------
Unlimited Strength Java Cryptography Extension
-----------------------------------------------------------------------
Due to import control restrictions for some countries, the Java
Cryptography Extension (JCE) policy files shipped with the JRE
allow strong but limited cryptography to be used. These files are
located at
<java-home>/lib/security/local_policy.jar
<java-home>/lib/security/US_export_policy.jar
where <java-home> is the jre directory of the JDK or the top-level
directory of the JRE.
An unlimited strength version of these files indicating no
restrictions on cryptographic strengths is available on the JDK web
site for those living in eligible countries. Those living in eligible
countries may download the unlimited strength version and replace the
strong cryptography jar files with the unlimited strength files. The
JCE Unlimited Strength Jurisdiction Policy Files 5.0 are available from:
http://java.sun.com/j2se/1.5.0/download.jsp
-------------------------------------------------------------------------
Thanks, Tincho.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages sun-java5-jre depends on:
ii debconf [debconf-2.0] 1.5.19 Debian configuration management sy
ii java-common 0.27 Base of all Java packages
ii locales 2.7-6 GNU C Library: National Language (
ii sun-java5-bin 1.5.0-14-2 Sun Java(TM) Runtime Environment (
Versions of packages sun-java5-jre recommends:
ii gsfonts-x11 0.20 Make Ghostscript fonts available t
ii java-common 0.27 Base of all Java packages
-- debconf information:
sun-java5-jre/jcepolicy:
sun-java5-jre/stopthread: true
* shared/accepted-sun-dlj-v1-1: true
shared/error-sun-dlj-v1-1:
* shared/present-sun-dlj-v1-1:
--- End Message ---
--- Begin Message ---
tag 466675 + wontfix
thanks
no, afaik we cannot distribute these files, not in this nor another package. If
you do want to provide some solution, please use a local diversion to make sure
these files are not overwritten on upgrades. Or build a package to do these
diversions. I'm happy to announce such a package in a README.Debian file.
Matthias
--- End Message ---
