Re: Testing needed: openjdk7 update for stable-security
On 11/07/13 23:11, Moritz Mühlenhoff wrote: Moritz Mühlenhoff j...@inutil.org schrieb: As discussed on debian-release some time ago security support for openjdk will be following upstream releases in the future. The openjdk7 packages available at http://people.debian.org/~jmm/ have seen initial testing and the testsuite results look good, but some advance testing more setups (including the web plugin) is needed before I'll release in a few days. Please send test feedback directly to jmm@debian with a short description of what you tested. I got precisely zero feedback. That saves me a lot of time: If noone is using Java, noone is affected and I can simply drop the packages... Cheers, Moritz I had planned to do some testing but haven't gotten around to it. I'll make some time today and get back to you later on. -- Kind regards Michael Sinax Platform - Scalable Django hosting http://www.sinaxplatform.com signature.asc Description: OpenPGP digital signature
Re: Testing needed: openjdk7 update for stable-security
On 07/12/2013 06:21 AM, Paul Wise wrote: It is more likely that people who are using OpenJDK on Debian wheezy aren't reading this list or are reading this list but not often enough to have responded in the last three days. It's exactly what I thought and I wonder why Moritz have not cced debian-u...@lists.debian.org. Anyway I'm going to test OpenJDK 7u25 with Eclipse 4.2.2 this weekend. I'm not sure that it will be valuable, but that is what I use daily. I have been happy with OpenJDK 7 from stable so far. Best regards Georgi -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51dfa9a1.8020...@oles.biz
Re: Testing needed: openjdk7 update for stable-security
On Fri, Jul 12, 2013 at 10:00:49AM +0300, Georgi Naplatanov wrote: Anyway I'm going to test OpenJDK 7u25 with Eclipse 4.2.2 this weekend. I'm not sure that it will be valuable, but that is what I use daily. I have been happy with OpenJDK 7 from stable so far. Best regards Georgi Why haven't you been happy with it? --- Henri Salo signature.asc Description: Digital signature
Re: Testing needed: openjdk7 update for stable-security
Le 11/07/2013 23:11, Moritz Mühlenhoff a écrit : Moritz Mühlenhoff j...@inutil.org schrieb: As discussed on debian-release some time ago security support for openjdk will be following upstream releases in the future. The openjdk7 packages available at http://people.debian.org/~jmm/ have seen initial testing and the testsuite results look good, but some advance testing more setups (including the web plugin) is needed before I'll release in a few days. Please send test feedback directly to jmm@debian with a short description of what you tested. I got precisely zero feedback. That saves me a lot of time: If noone is using Java, noone is affected and I can simply drop the packages... Cheers, Moritz I use openjdk7, for console acces in several web andministration tools (iKVM, iLO, iDrac, Proxmox, VMware...). Java Web plugin is a must have. OpenJDK does not work very well compare to Oracle version with theses console applets, but we need to improve that. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51e0390c.5000...@nuagelibre.org
debian7 compromised (rk)
Hi all :-) First of all sorry for my english. 2 day ago a hacker crow (BALUARI TEAM) with brute forces programs has compromised my debian 7, changes root password and installed a rootkit. last root pts/031.14.106.154Mon Jul 1 12:28 - 12:28 (00:00) root pts/031.14.106.154Mon Jul 1 09:43 - 09:45 (00:01) (for router problem I start my server 2 days ago) /var/log/syslog Jul 11 06:26:01 server5 /USR/SBIN/CRON[4522]: (root) CMD (/root/Agent/update /dev/null 21) Immediately I see by netstat a connection: tcp 0 0 0.0.0.0:34600 0.0.0.0:* LISTEN - and tcp 0 0 192.168.1.250:55834 173.230.241.139:6667 ESTABLISHED - this IP: 173.230.241.139 is a Romanian VPS server with IRC server and 3 channels I connect to this channel and I known staff of hackers. Today I done a backup of this script that contains a huge list of server compromised. Later I re-install whole system. Can be usuful send this rk? thanks Pol -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51e08b8c.9080...@fuckaround.org