On Friday 29 August 2008, Rahul Sundaram wrote:
>Gene Heskett wrote:
>> And the simple fact that those of us who want a working java are going to
>> the sun site, getting the latest jre and installing it, never again to
>> click on an ICED TEA update in yumex. Really, I think that says it all.
>> You for legal reasons are defending an emasculated version, but the final
>> say on what gets run is us, its our machine. Sue us? I doubt it. :)
>
>It is not iced tea now. It is called OpenJDK and that is a certified
>Java from Sun. I won't sue for getting the details wrong ;-)
>
>Rahul
Oh? From my yumex screen (F8 install)
java-1.7.0-icedtea
jave-1.7.0-icedtea-plugin
and from an rpm -qa|grep java
java-1.7.0-icedtea-1.7.0.0-0.19.b21.snapshot.fc8
java-1.5.0-gcj-1.5.0.0-17.fc8
tzdata-java-2008d-1.fc8
glib-java-0.2.6-10.fc8
java_cup-0.10-0.k.6jpp.1
java-1.7.0-icedtea-plugin-1.7.0.0-0.19.b21.snapshot.fc8
Humm, I may be wrong about not having icedtea
[root@coyote ~]# which java
/usr/bin/java
[root@coyote ~]# ls -l `which java`
lrwxrwxrwx 1 root root 22 2008-03-31
19:34 /usr/bin/java -> /etc/alternatives/java
[root@coyote ~]# ls -l /etc/alternatives/java/
ls: cannot access /etc/alternatives/java/: Not a directory
[root@coyote ~]# ls -l /etc/alternatives/java
lrwxrwxrwx 1 root root 39 2008-03-31
19:41 /etc/alternatives/java -> /usr/lib/jvm/jre-1.7.0-icedtea/bin/java
However, from FF's about:plugins, I get this:
Java(TM) Plug-in 1.6.0_06-b02
File name: /usr/java/jre1.6.0_06/plugin/i386/ns7/libjavaplugin_oji.so
Java(TM) Plug-in 1.6.0_06
So, do I need to replace that link? By installing the yumex offerings and
bearing in mind that I long since gave up trying to keep up with every new
browser version having its own plugins dir, created one & put all the plugins
there, and linked all the other browsername/plugins to it?
In that case, is it safe to do so since updates are not yet flowing? Those
are old packages that have been sitting there for a month or more.
A side note, we (my local group of friends) have found a blog
<http://blogs.zdnet.com/security/?p=1803&tag=nl.e539> that gives a few hints
on finding out if we too have been infected. According to it, no systems
here are. The point being that the extreme privacy this has been kept under
has now been exposed, letting the horse out of the barn so to speak, and this
list deserves more candor from its 'parent' regarding it. We had been led to
believe this was only a debian problem because of the speedup shortcut in the
random number section of the code supposedly only they used. If this is a
different exploit, then we need to know. We aren't above pulling in the
src's and building our own you know, however my reading that code is not
going to tell me if its safe, so I've told the one in my local group who was
going to do that to hold off another day or so... His exposure to an exploit
is 100x that of mine, so lets see some activity of some kind other than take
a potato and wait. We are beginning to need a second potato to stave off the
hunger here.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
What will you do if all your problems aren't solved by the time you die?
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
