You might've heard about the malware for Mac called Flashback. It spreads via a vulnerability in Java implementations. OpenJDK and IcedTea, which include Java code from Sun/Oracle, were vulnerable as well. Please make sure Java implementations in your distributions are patched to fix this vulnerability, and publish updates as appropriate.
It doesn't look like there's a full technical report on the exploit (the CVE is "reserved") but here's Oracle's official page about the problem: <http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html> Here are trackers for Red Hat and Debian. The Red Hat page at least includes a high-level summary of the bug. * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0507> * <http://security-tracker.debian.org/tracker/CVE-2012-0507> Best regards, -- Brett Smith License Compliance Engineer, Free Software Foundation Support the FSF by becoming an Associate Member: http://fsf.org/jf
