This is not a "bug" thread, it's a discussion thread.<div><br></div><div>Yes, after updating to 1.7.0.7 open and closed jdk/jre 32/64bit that hole is closed. </div><div><br></div><div>Thanks.</div><div><br></div>
<div>Dan<br><br><div class="gmail_quote">On Mon, Sep 3, 2012 at 6:46 AM, Tristan Santore <span dir="ltr"><<a href="mailto:tristan.santore@internexusconnect.net" target="_blank">tristan.santore@internexusconnect.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On 03/09/12 11:39, Įlvaro Castillo wrote:<br>
> You see these is Java but free. On Java always exist bugs, exploits,<br>
> trojans.... Difference Java Oracle between OpenJDK avoid one is<br>
> privative and other is free. Is speed fixing issues.<br>
><br>
> On Sep 3, 2012 6:17 AM, "Dan Mashal" <<a href="mailto:dan.mashal@gmail.com">dan.mashal@gmail.com</a><br>
</div><div class="im">> <mailto:<a href="mailto:dan.mashal@gmail.com">dan.mashal@gmail.com</a>>> wrote:<br>
><br>
> I think this is a bigger deal:<br>
><br>
> <a href="https://bugzilla.redhat.com/show_bug.cgi?id=852051" target="_blank">https://bugzilla.redhat.com/show_bug.cgi?id=852051</a><br>
><br>
> Dan<br>
><br>
> On Sun, Sep 2, 2012 at 9:23 AM, Jon <<a href="mailto:jdisnard@gmail.com">jdisnard@gmail.com</a><br>
</div><div class="im">> <mailto:<a href="mailto:jdisnard@gmail.com">jdisnard@gmail.com</a>>> wrote:<br>
><br>
> I believe the OP was referring to this (?):<br>
><br>
> <a href="http://www.f-secure.com/weblog/archives/00002400.html" target="_blank">http://www.f-secure.com/weblog/archives/00002400.html</a><br>
><br>
> It's from July, but I keep seeing the same news appear on<br>
> different sites.<br>
> I do believe they are all referring to the above link.<br>
> That is unless the kit has been taken, modified, adapted, evolved,<br>
> etc... into something new.<br>
><br>
><br>
> Best regards,<br>
> -Jon<br>
><br>
><br>
><br>
><br>
> On Sun, Sep 2, 2012 at 6:26 AM, Dan Mashal <<a href="mailto:dan.mashal@gmail.com">dan.mashal@gmail.com</a><br>
</div><div class="im">> <mailto:<a href="mailto:dan.mashal@gmail.com">dan.mashal@gmail.com</a>>> wrote:<br>
> > Really the only ways to get in are the following:<br>
> ><br>
> > 1) CVEs on the packages in the stable repo<br>
> > 2) Vulnerabilities in software such as web browsers<br>
> > 3) Sniffing unecnrypted data<br>
> > 4) dictionary attacks<br>
> > 5) network scanning/port vulnerabilities<br>
> > 6) Pushing out fake updates with back doors.<br>
> ><br>
> > Again, that was the god old days.<br>
> ><br>
> > Dan<br>
> ><br>
> ><br>
> > On Sun, Sep 2, 2012 at 4:22 AM, Įlvaro Castillo<br>
</div>> <<a href="mailto:netsys@fedoraproject.org">netsys@fedoraproject.org</a> <mailto:<a href="mailto:netsys@fedoraproject.org">netsys@fedoraproject.org</a>>><br>
<div class="im">> > wrote:<br>
> >><br>
> >> I think a lot vuln about DDos on kernel or software that can<br>
> solved with<br>
> >> update your system (built) patchs. And know about Java too<br>
> that can be<br>
> >> opened door for exploits and daemons runs on shadows. About<br>
> trojans on<br>
> >> Linux... dont know. All software is downloaded of repos or<br>
> .tar directly...<br>
> >> Maybe passes such as Debian with OpenSSL (never be sure.)<br>
> >><br>
> >> Is true that 100% is not exist on security. If you have<br>
> paranoia, try<br>
> >> OpenBSD, but remember, never be sure with something built by<br>
> human as have<br>
> >> said this.<br>
> >><br>
> >> On Sep 2, 2012 3:05 AM, "Danishka Navin" <<a href="mailto:danishka@gmail.com">danishka@gmail.com</a><br>
</div><div class="im">> <mailto:<a href="mailto:danishka@gmail.com">danishka@gmail.com</a>>> wrote:<br>
> >>><br>
> >>> Is this true? (for Linux)<br>
> >>><br>
> >>><br>
> <a href="http://news.efytimes.com/e1/89929/New-Trojan-Threatens-Mac-OS-X-Linux-Machines" target="_blank">http://news.efytimes.com/e1/89929/New-Trojan-Threatens-Mac-OS-X-Linux-Machines</a><br>
> >>><br>
> >>> Btw, I could not find any source other than this.<br>
> >>><br>
> >>> Thanks,<br>
> >>> --<br>
> >>> Danishka Navin<br>
> >>> <a href="http://danishkanavin.blogspot.com" target="_blank">http://danishkanavin.blogspot.com</a><br>
> >>> <a href="http://twitter.com/danishkanavin" target="_blank">http://twitter.com/danishkanavin</a><br>
> >>> <a href="http://www.flickr.com/photos/danishkanavin/" target="_blank">http://www.flickr.com/photos/danishkanavin/</a><br>
> >>><br>
> >>><br>
> >>><br>
><br>
><br>
> --<br>
><br>
> -Jon<br>
> --<br>
> ambassadors mailing list<br>
> <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
</div>> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>><br>
<div class="im">> <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
><br>
><br>
><br>
> --<br>
> ambassadors mailing list<br>
> <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
</div>> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>><br>
<div class="im">> <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
><br>
><br>
><br>
> --<br>
> ambassadors mailing list<br>
> <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
> <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
</div>These issues are now fixed. packages have just been pushed out, so<br>
please can be now close this thread. It is not in the right place any way.<br>
<br>
Thank you.<br>
<div class="im HOEnZb"><br>
Regards,<br>
Tristan<br>
<br>
--<br>
Tristan Santore BSc MBCS<br>
TS4523-RIPE<br>
Network and Infrastructure Operations<br>
InterNexusConnect<br>
Mobile <a href="tel:%2B44-78-55069812" value="+447855069812">+44-78-55069812</a><br>
<a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a><br>
<br>
Former Thawte Notary<br>
(Please note: Thawte has closed its WoT programme down,<br>
and I am therefore no longer able to accredit trust)<br>
<br>
For Fedora related issues, please email me at:<br>
<a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a><br>
</div><div class="HOEnZb"><div class="h5">--<br>
ambassadors mailing list<br>
<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a></div></div></blockquote></div><br></div>