Re: java plugin, is does it have any security vulnerabilities ?
On Sat, 14 Jul 2012 21:54:09 +0100, dave selby wrote:
> i am running Debian stable (squeeze) and have java installed
> 6.26-osqueeze1 as a package.
>
> Firefox uses this package but when I asked it to check if plugins are up
> to date it says nope, need version 7...
Yes, the latest Oracle's Java version is now 7 (update 5).
> So am I right in thinking that v6.26 is old (and thus the advice to
> upgrade to 7) but does not have any known security vulnerabilities
> because it is part of stable ?
>
> Or have I missed something ?
I'm afraid the current Oracle's Java version in Squeeze is vulnerable.
You either switch to OpenJVM or manually install Oracle's Java 7 from
their site ;-(
More info:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646524
http://security-tracker.debian.org/tracker/source-package/sun-java6
Greetings,
--
Camaleón
Reply to: