Re: There is a DoS vulnerability in Java 1.4 (URL)
On Thu, Jul 15, 2004 at 11:28:20PM +0200, Andreas Tille wrote:
> On Thu, 15 Jul 2004, Finn-Arne Johansen wrote:
> > > For those ignorant people like me: Could you please post the URL / sources.list
> > > entry to get a recent JRE 1.4.x ? I never realized that there is something except
> > > of Blackdown and the packages there are not up to date.
> > http://java.sun.com/j2se/1.4.2/index.jsp
> Yes - and my question was: Are there any Debian-packages from this which
> handle alternatives etc nicely?
They had to be build first, right ?
> > The reason for us to use j2re1.4 from sun and not blackdown, is that
> > the version from sun does work with woody _and_ mozilla.
> Yes - there are even more issues which can force you to this non-free
> stuff, unfortunately. :-(
Well, Blackdown is also non-free.
Java is not Open Source, and I guess it never will be ...
> > I'm in the process of downloading right now, and will try to build
> > later tonight.
> Does mean "build" = "build inofficial Debian packages and make them
> available anywhere in public"?
Yes. They will end up in our woody local apt source, and there will be
a DESA around.
I guess the package now has ended up in our woody-test apt-source, but
you may fetch it from
deb http://ftp.skolelinux.no/ ~finnarne/mozilla/
deb-src http://ftp.skolelinux.no/ ~finnarne/mozilla/
Please test, and report back at