Am Mi, den 15.06.2005 schrieb Captain Bubudiu um 21:21: > What is the "official line"? Are we getting an update > from Fedora through yum? (Presumably a redhat dude > should be in the know.) The official guideline - as stated in the FC4 release notes - is to use www.jpackage.org (non-free section) and to rpmbuild the Java engine RPM from the non source containing SRC.RPM there. You will have to get the self-extracting binary from java.sun.com manually. There will be no update for Fedora through the default yum / up2date - simply because Sun's Java isn't part of Fedora, and this due to it's license. To make it clear: I posted the info here, because I think a majority of people running Fedora too have Sun's Java installed - whichever way they did the install. And as said, like no official update or announcement would happen I felt it was a good thing to inform list readers about the severe security issue. > Alexander as you are always asking for CVE numbers > what is the CVE id for this issue? Have you considered > filing a bug report? I posted Sun's official notification with my initial posting. > Captain Bubudiu Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp Serendipity 21:52:25 up 22 days, 20:30, load average: 0.06, 0.11, 0.09
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil