On 11/01/13 18:52, David Walser wrote: > If you're using Cauldron as a workstation and have the Java plugin > (icedtea-web > or Sun Java) enabled in your browser, be aware there's a zero-day > vulnerability > being actively exploited, and you should disable the plugin for general usage > until we have a fix. > > If you're using icedtea-web on Mageia 2 you're not affected, as that uses > Java 6 > which is not known to be vulnerable. > > http://arstechnica.com/security/2013/01/critical-java-zero-day-bug-is-being-massively-exploited-in-the-wild/ > http://www.h-online.com/security/news/item/Dangerous-vulnerability-in-latest-Java-version-1781156.html >
That's maybe worth a blog post, especially the Mga2 is not vulnerable bit. People will be looking for updates when they are not needed. Claire
