Re: java plugin, is does it have any security vulnerabilities ?
> Hi All,
>
> i am running Debian stable (squeeze) and have java installed
> 6.26-osqueeze1 as a package.
>
> Firefox uses this package but when I asked it to check if plugins are
> up to date it says nope, need version 7...
>
> So am I right in thinking that v6.26 is old (and thus the advice to
> upgrade to 7) but does not have any known security vulnerabilities
> because it is part of stable ?
Are you using the Debian-provided "sun-java6-plugin" package?
My understanding is that this package is no longer updated by Debian,
because of licensing restrictions introduced by Oracle affecting
redistribution. There is no Debian-packaged Sun Java VM newer than 6u26.
You can switch to OpenJDK, or remove your sun-java6 packages and install
the JRE from the Oracle-provided binaries.
-- A.
--
Andrew Reid / reidac@bellatlantic.net
Reply to: