icedtea-web installed and enabled by default in Fedora 19

Przemek Klosowski przemek.klosowski at
Wed Jun 19 17:01:38 UTC 2013

On 06/19/2013 01:29 AM, Dhiru Kholia wrote:

> Some recent news,
> "The majority are vulnerable through browser plugins, 11 of which are
> exploitable for complete control of the underlying operating system,"
> said Ross Barrett, senior manager of security engineering at Rapid7.

Not that I am stepping up to defend Java plugins, but let's not be 
overly alarmist here. TheReg's article indeed points out some severe 
vulnerabilities, but they should not be 'exploitable for complete 
control of the underlying operating system' unless there is another 
vulnerability, e.g. in the kernel.

The quote above is from another article, and in my personal opinion it 
is overly shrill. As a general observation, security companies might 
just have a slight bias hyping up threats, but not to worry because they 
can also offer inexpensive and convenient solutions.

More information about the devel mailing list