Java exploit, the inevitable question

Myriam Schweingruber myriam at kde.org
Tue Jan 15 19:03:12 UTC 2013


On Tue, Jan 15, 2013 at 4:40 PM, Gene Heskett <gheskett at wdtv.com> wrote:
> Greetings all;
>
> All this hoorah about disabling Java seems like it should have by now,
> generated the question of whether or not iced-tea is also vulnerable.
> Since the 10.04.4 approved version of FF doesn't have the ability to kill
> it all, we'ed have to disable about 20 calls in edit/prefs/applications in
> order to effect a kill.
>
> But I am confused.  FF is saying its using iced tea, but when I look at
> /etc/alternatives, it all looks like real java?
>
> So, do we need to butcher that or ???


Not at all, the exploit is only the the Oracle Java, and only applies
on Windows systems. And even then, Oracle has already fixed it AFAIK.


Regards, Myriam
-- 
Proud member of the Amarok and KDE Community
Protect your freedom and join the Fellowship of FSFE:
http://www.fsfe.org
Please don't send me proprietary file formats,
use ISO standard ODF instead (ISO/IEC 26300)




More information about the kubuntu-users mailing list