Java and openjdk

Gene Heskett gene.heskett at verizon.net
Fri Aug 29 14:38:40 UTC 2008


On Friday 29 August 2008, Rahul Sundaram wrote:
>Gene Heskett wrote:
>> And the simple fact that those of us who want a working java are going to
>> the sun site, getting the latest jre and installing it, never again to
>> click on an ICED TEA update in yumex.  Really, I think that says it all. 
>> You for legal reasons are defending an emasculated version, but the final
>> say on what gets run is us, it's our machine.  Sue us?  I doubt it. :)
>
>It is not iced tea now. It is called OpenJDK and that is a certified
>Java from Sun.  I won't sue for getting the details wrong ;-)
>
>Rahul

Oh?  From my yumex screen (F8 install)
java-1.7.0-icedtea
java-1.7.0-icedtea-plugin

and from an rpm -qa|grep java
java-1.7.0-icedtea-1.7.0.0-0.19.b21.snapshot.fc8
java-1.5.0-gcj-1.5.0.0-17.fc8
tzdata-java-2008d-1.fc8
glib-java-0.2.6-10.fc8
java_cup-0.10-0.k.6jpp.1
java-1.7.0-icedtea-plugin-1.7.0.0-0.19.b21.snapshot.fc8

Humm, I may be wrong about not having icedtea
[root@coyote ~]# which java
/usr/bin/java
[root@coyote ~]# ls -l `which java`
lrwxrwxrwx 1 root root 22 2008-03-31 19:34 /usr/bin/java -> /etc/alternatives/java
[root@coyote ~]# ls -l /etc/alternatives/java/
ls: cannot access /etc/alternatives/java/: Not a directory
[root@coyote ~]# ls -l /etc/alternatives/java
lrwxrwxrwx 1 root root 39 2008-03-31 19:41 /etc/alternatives/java -> /usr/lib/jvm/jre-1.7.0-icedtea/bin/java

However, from FF's about:plugins, I get this:
Java(TM) Plug-in 1.6.0_06-b02

    File name: /usr/java/jre1.6.0_06/plugin/i386/ns7/libjavaplugin_oji.so
    Java(TM) Plug-in 1.6.0_06

So, do I need to replace that link?  By installing the yumex offerings and 
bearing in mind that I long since gave up trying to keep up with every new 
browser version having its own plugins dir, created one & put all the plugins 
there, and linked all the other browsername/plugins to it?

In that case, is it safe to do so since updates are not yet flowing?  Those 
are old packages that have been sitting there for a month or more.

A side note, we (my local group of friends) have found a blog
<http://blogs.zdnet.com/security/?p=1803&tag=nl.e539> that gives a few hints 
on finding out if we too have been infected.  According to it, no systems 
here are.  The point being that the extreme privacy this has been kept under 
has now been exposed, letting the horse out of the barn so to speak, and this 
list deserves more candor from its 'parent' regarding it.  We had been led to 
believe this was only a Debian problem because of the speedup shortcut in the 
random number section of the code supposedly only they used.  If this is a 
different exploit, then we need to know.  We aren't above pulling in the 
src's and building our own you know, however my reading that code is not 
going to tell me if it's safe, so I've told the one in my local group who was 
going to do that to hold off another day or so...  His exposure to an exploit 
is 100x that of mine, so let's see some activity of some kind other than take 
a potato and wait.  We are beginning to need a second potato to stave off the 
hunger here.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
What will you do if all your problems aren't solved by the time you die?



