icedtea-web installed and enabled by default in Fedora 19

Rahul Sundaram metherid at
Mon Jun 17 19:42:11 UTC 2013


On Mon, Jun 17, 2013 at 3:26 PM, Dan Mashal wrote:

> There is no way in hell anyone here is going to fix the security holes
> in Java (open or closed).
> The only way to avoid the security holes caused by java is to not use it.

That is too extreme.  It is certainly possible to fix security issues in
IcedTea and OpenJDK.  Otherwise Fedora wouldn't be including it in the
distribution and building a lot of packages using openJDK.   If we don't
include IcedTea by default and there are future security issues, it still
needs to be fixed but the chances of it affecting users are reduced
however  we might be creating problems for users who are relying on
IcedTea-Web to do their banking or other critical tasks and IcedTea-Web is
not easily installable via the Firefox plugin search and it is a entirely
un-obvious name for users to install using the package manager.   Not a lot
of people understand that Java applet source was never open sourced by Sun
or Oracle and is not part of the OpenJDK project.   If we can fix Firefox
to install IcedTea on demand, that would be great.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the devel mailing list