On Sunday 09 August 2009 01:22:28 am Matthew Toseland wrote:
> Anyone running Freenet must upgrade to at least Sun Java 6 Update 15 or Sun
> Java 5 Update 20.
> Until you are able to do this, please shut down anything that parses XML,
> specifically: - Do not use the search function (XMLLibrarian).
> - Unload the WoT and Freetalk plugins if you are using them. Likewise with
> Library etc. - Do not use Thaw. Shut it down if it is running.
> Other applications may also be vulnerable via the Python libexpat and
> Apache Xerces libraries, so you should update your distribution ASAP.
> However, not all applications that process XML are vulnerable as there are
> a number of XML parsers.
> This concerns both denial of service and remote code execution and thus is
> a *SEVERE* vulnerability.
> I will be putting out a new build ASAP, which will tell any users who
> haven't upgraded to upgrade and will disable XMLLibrarian until they do so.
> http://www.cert.fi/en/reports/2009/vulnerability2009085.html

I am using ubuntu 8.04

There is an easy way in ubuntu to upgrade packages.

Open a terminal and run


Then click Install Updates

I just did that, but I only get sun-java6 update 14 (6-14-0ubuntu)

I also checked if Freenet 1228 had been automatic updated, but it had not, so 
I ran:

cd Freenet


and now 1228 is running (instead of 1223)

But my Freenet still complains about updating sun-java

I can inform, that I also did an upgrade on another machine running ubuntu 
9.04, and this also is running sun-java6 update 14 (6-14-0ubuntu)
Support mailing list
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:support-requ...@freenetproject.org?subject=unsubscribe

Reply via email to