[Mageia-discuss] Current java plugin with security hole?

Wolfgang Bornath molch.b at googlemail.com
Thu Mar 29 09:22:21 CEST 2012

According to the article "Critical Java hole being exploited on a
large scale" there is a hole which is heavily exploited.

The hole that was patched by Oracle in mid-February allows malicious
code to breach the Java sandbox and permanently anchor itself in a
system. Varying types of malware have been injected; for example, it
is believed that the hole has been exploited to deploy the ZeuS

The page gives a link to a test routine at java.com where you can test
which version is installed on your machine. For my Mageia 1
installation with firefox the test shows  "Your Java version: Version
6 Update 26" - which matches the installed package

Recommended is "version 6 update 31". But this is not available yet at Mageia.

 - will there be a security related update for Mageia 1?
 - if not, should we use the recommended newer version from java.com
(rpm packages available for 32 and 64 bit)


More information about the Mageia-discuss mailing list