[Ambassadors] New Trojan Threatens Mac OS X, Linux Machines

Dan Mashal dan.mashal at gmail.com
Mon Sep 3 13:47:55 UTC 2012 

This is not a "bug" thread, it's a discussion thread.

Yes, after updating to 1.7.0.7 open and closed jdk/jre 32/64bit that hole
is closed.

Thanks.

Dan

On Mon, Sep 3, 2012 at 6:46 AM, Tristan Santore <
tristan.santore at internexusconnect.net> wrote:

> On 03/09/12 11:39, Álvaro Castillo wrote:
> > You see these is Java but free. On Java always exist bugs, exploits,
> > trojans.... Difference Java Oracle between OpenJDK avoid one is
> > privative and other is free. Is speed fixing issues.
> >
> > On Sep 3, 2012 6:17 AM, "Dan Mashal" <dan.mashal at gmail.com
> > <mailto:dan.mashal at gmail.com>> wrote:
> >
> >     I think this is a bigger deal:
> >
> >     https://bugzilla.redhat.com/show_bug.cgi?id=852051
> >
> >     Dan
> >
> >     On Sun, Sep 2, 2012 at 9:23 AM, Jon <jdisnard at gmail.com
> >     <mailto:jdisnard at gmail.com>> wrote:
> >
> >         I believe the OP was referring to this (?):
> >
> >         http://www.f-secure.com/weblog/archives/00002400.html
> >
> >         It's from July, but I keep seeing the same news appear on
> >         different sites.
> >         I do believe they are all referring to the above link.
> >         That is unless the kit has been taken, modified, adapted,
> evolved,
> >         etc... into something new.
> >
> >
> >         Best regards,
> >         -Jon
> >
> >
> >
> >
> >         On Sun, Sep 2, 2012 at 6:26 AM, Dan Mashal <dan.mashal at gmail.com
> >         <mailto:dan.mashal at gmail.com>> wrote:
> >         > Really the only ways to get in are the following:
> >         >
> >         > 1) CVEs on the packages in the stable repo
> >         > 2)  Vulnerabilities in software such as web browsers
> >         > 3) Sniffing unecnrypted data
> >         > 4) dictionary attacks
> >         > 5) network scanning/port vulnerabilities
> >         > 6) Pushing out fake updates with back doors.
> >         >
> >         > Again, that was the god old days.
> >         >
> >         > Dan
> >         >
> >         >
> >         > On Sun, Sep 2, 2012 at 4:22 AM, Álvaro Castillo
> >         <netsys at fedoraproject.org <mailto:netsys at fedoraproject.org>>
> >         > wrote:
> >         >>
> >         >> I think a lot vuln about DDos on kernel or software that can
> >         solved with
> >         >> update your system (built) patchs. And know about Java too
> >         that can be
> >         >> opened door for exploits and daemons runs on shadows. About
> >         trojans on
> >         >> Linux... dont know. All software is downloaded of repos or
> >         .tar directly...
> >         >> Maybe passes such as Debian with OpenSSL (never be sure.)
> >         >>
> >         >> Is true that 100% is not exist on security. If you have
> >         paranoia, try
> >         >> OpenBSD, but remember, never be sure with something built by
> >         human as have
> >         >> said this.
> >         >>
> >         >> On Sep 2, 2012 3:05 AM, "Danishka Navin" <danishka at gmail.com
> >         <mailto:danishka at gmail.com>> wrote:
> >         >>>
> >         >>> Is this true? (for Linux)
> >         >>>
> >         >>>
> >
> http://news.efytimes.com/e1/89929/New-Trojan-Threatens-Mac-OS-X-Linux-Machines
> >         >>>
> >         >>> Btw, I could not find any source other than this.
> >         >>>
> >         >>> Thanks,
> >         >>> --
> >         >>> Danishka Navin
> >         >>> http://danishkanavin.blogspot.com
> >         >>> http://twitter.com/danishkanavin
> >         >>> http://www.flickr.com/photos/danishkanavin/
> >         >>>
> >         >>>
> >         >>>
> >
> >
> >         --
> >
> >         -Jon
> >         --
> >         ambassadors mailing list
> >         ambassadors at lists.fedoraproject.org
> >         <mailto:ambassadors at lists.fedoraproject.org>
> >         https://admin.fedoraproject.org/mailman/listinfo/ambassadors
> >
> >
> >
> >     --
> >     ambassadors mailing list
> >     ambassadors at lists.fedoraproject.org
> >     <mailto:ambassadors at lists.fedoraproject.org>
> >     https://admin.fedoraproject.org/mailman/listinfo/ambassadors
> >
> >
> >
> > --
> > ambassadors mailing list
> > ambassadors at lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/ambassadors
> These issues are now fixed. packages have just been pushed out, so
> please can be now close this thread. It is not in the right place any way.
>
> Thank you.
>
> Regards,
> Tristan
>
> --
> Tristan Santore BSc MBCS
> TS4523-RIPE
> Network and Infrastructure Operations
> InterNexusConnect
> Mobile +44-78-55069812
> Tristan.Santore at internexusconnect.net
>
> Former Thawte Notary
> (Please note: Thawte has closed its WoT programme down,
> and I am therefore no longer able to accredit trust)
>
> For Fedora related issues, please email me at:
> TSantore at fedoraproject.org
> --
> ambassadors mailing list
> ambassadors at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/ambassadors
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/ambassadors/attachments/20120903/4f20471c/attachment.html>

More information about the ambassadors mailing list