Re: java plugin, is does it have any security vulnerabilities ?

To: debian-user@lists.debian.org
Subject: Re: java plugin, is does it have any security vulnerabilities ?
From: Camaleón <noelamac@gmail.com>
Date: Sun, 15 Jul 2012 13:34:43 +0000 (UTC)
Message-id: <[🔎] jtugtj$83b$5@dough.gmane.org>
References: <[🔎] CA+-BTTyV4CYL2Mp0W-wR1FN6waP_kv41ry2R9aiTO95bqY77+g@mail.gmail.com>

On Sat, 14 Jul 2012 21:54:09 +0100, dave selby wrote:

> i am running Debian stable (squeeze) and have java installed
> 6.26-osqueeze1 as a package.
> 
> Firefox uses this package but when I asked it to check if plugins are up
> to date it says nope, need version 7...

Yes, the latest Oracle's Java version is now 7 (update 5).

> So am I right in thinking that v6.26 is old (and thus the advice to
> upgrade to 7) but does not have any known security vulnerabilities
> because it is part of stable ?
> 
> Or have I missed something ?

I'm afraid the current Oracle's Java version in Squeeze is vulnerable. 
You either switch to OpenJVM or manually install Oracle's Java 7 from 
their site ;-(

More info:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646524
http://security-tracker.debian.org/tracker/source-package/sun-java6

Greetings,

-- 
Camaleón

Reply to:

References:
- java plugin, is does it have any security vulnerabilities ?
  - From: dave selby <dave6502@gmail.com>

Prev by Date: Re: Do ATI HD cards have good working drivers for Linux (Debian Squeeze in particular)
Next by Date: Re: t128_drv.so
Previous by thread: Re: java plugin, is does it have any security vulnerabilities ?
Next by thread: Debian on a 32G USB flashdrive
Index(es):
- Date
- Thread