[Mageia-discuss] Current java plugin with security hole?
molch.b at googlemail.com
Thu Mar 29 09:22:21 CEST 2012
According to the article "Critical Java hole being exploited on a
large scale" there is a hole which is heavily exploited.
The hole that was patched by Oracle in mid-February allows malicious
code to breach the Java sandbox and permanently anchor itself in a
system. Varying types of malware have been injected; for example, it
is believed that the hole has been exploited to deploy the ZeuS
The page gives a link to a test routine at java.com where you can test
which version is installed on your machine. For my Mageia 1
installation with firefox the test shows "Your Java version: Version
6 Update 26" - which matches the installed package
Recommended is "version 6 update 31". But this is not available yet at Mageia.
- will there be a security related update for Mageia 1?
- if not, should we use the recommended newer version from java.com
(rpm packages available for 32 and 64 bit)
More information about the Mageia-discuss