Re: Testing needed for openjdk-6 security updates

To: Lisi Reisz <lisi.reisz@gmail.com>
Cc: debian-user@lists.debian.org, Moritz Mühlenhoff <jmm@inutil.org>, debian-security@lists.debian.org
Subject: Re: Testing needed for openjdk-6 security updates
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Mon, 22 Jul 2013 23:36:11 +0200
Message-id: <[🔎] 20130722213611.GA5165@pisco.westfalen.local>
In-reply-to: <[🔎] 201307222219.00358.lisi.reisz@gmail.com>
References: <[🔎] 20130716214323.GA6398@pisco.westfalen.local> <[🔎] slrnkuno2g.4fn.jmm@inutil.org> <[🔎] 201307222219.00358.lisi.reisz@gmail.com>

On Mon, Jul 22, 2013 at 10:19:00PM +0100, Lisi Reisz wrote:
> On Sunday 21 July 2013 14:21:20 Moritz Mühlenhoff wrote:
> > Moritz Muehlenhoff <jmm@debian.org> schrieb:
> > > As discussed on debian-release some time ago security support
> > > for openjdk will be following upstream releases in the future.
> > >
> > > The packages for openjdk are generally ready, but I don't use
> > > Java myself. As such I need some additional real world testing
> > > before I'll release them through security.debian.org
> >
> > In case anyone's wondering why there's no DSA yet: Noone bothered
> > to test.
> >
> > Cheers,
> >         Moritz
> 
> I am willing, indeed happy to test for you; but I have no idea what you want 
> us to do.  What does testing it involve?  Using it, of course; but I wouldn't 
> know how to use it.  I know that many on this list are very knowledgeable and 
> would know, but they may be too busy.  I can find time and would like to 
> help: I do far too little for the community.  But I am also an ignoramus when 
> it comes to the details of Java.  

If you currently run any application using Java (i.e. depending on openjdk-6-jre
or openjdk-6-jdk), simply install the updated packages and simply continue to
use that app. If everything breaks, please tell. If not, please tell as well.
 
If especially interested in feedback on the browser plugin. I'm pretty confident
no app will break with the base packages, but especially for oldstable the
version bump is significant.

> Does "test" mean spending an uncomfortable amount of time on YouTube?? ;-)  I 
> don't consciously use Java much, and would not know how to set about doing 
> so - except by trying to create a booklist and index for a publication in 
> OpenOffice.org.

The Youtube plugins don't use Java, so that's not a sufficient test case.

> I could, of course test to see if I get the same circular dependancy as Rob 
> Owens.

Feeding all the debs you've installed into a single dpkg -i invocation should
fix that (that's what apt would do for you if you install the packages from
security.debian.irg).

You can figure out the currently installed java Version by running

dpkg --list | grep 6b27-1.12

Then you can download all the respective debs and execute

dpkg -i x.deb y.deb

Cheers,
        Moritz

Reply to:

References:
- Testing needed for openjdk-6 security updates
  - From: Moritz Muehlenhoff <jmm@debian.org>
- Re: Testing needed for openjdk-6 security updates
  - From: Moritz Mühlenhoff <jmm@inutil.org>
- Re: Testing needed for openjdk-6 security updates
  - From: Lisi Reisz <lisi.reisz@gmail.com>

Prev by Date: Wheezy cdrom dvd tray opens randomly
Next by Date: Re: wheezy keyboard shortcuts w/ lxde
Previous by thread: Re: Testing needed for openjdk-6 security updates
Next by thread: Re: Testing needed for openjdk-6 security updates
Index(es):
- Date
- Thread