There has been much 'noise' about Oracle java zero-day attack lately.
Since Mint uses opensource java & icedtea instead - should I be concerned at all?
Oracle java zero-day attack
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Oracle java zero-day attack
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Oracle java zero-day attack
That attacks are on Oracle Java, so you wouldn't be immediately at risk with OpenJDK and IcedTea that you are using. However, Java being Java, probably any implementation has security issues. I'd recommend you disable or remove IcedTea from your web browser (Firefox > Tools > Add-ons > Plugins). Don't run Java in your browser, or if you do use an extension like NoScript so only websites that you have allowed will be able to use Java.
To remove IcedTea from your browser, open a terminal and run the following command to completely remove IcedTea:
To remove IcedTea from your browser, open a terminal and run the following command to completely remove IcedTea:
Code: Select all
sudo apt-get --purge autoremove icedtea-*
Re: Oracle java zero-day attack
I haven't found a definitive answer to this question since there seems to be so many related questions.
** Does openjdk / icedtea have the same vulnerability?
** Is it specific to only Java7 or is Java6 also affected?
I do not have the answer but if you go to the following site it will check what version Oracle ( and presumably any evil-doer ) thinks you are running:
http://www.java.com/en/download/testjava.jsp
On Mint14 it will come back with:
** Does openjdk / icedtea have the same vulnerability?
** Is it specific to only Java7 or is Java6 also affected?
I do not have the answer but if you go to the following site it will check what version Oracle ( and presumably any evil-doer ) thinks you are running:
http://www.java.com/en/download/testjava.jsp
On Mint14 it will come back with:
On Mint13 it will come back with:Java SE 7 Update 09
You can always disable the plugin in Firefox: Tools > Addons > Plugins > IcedTea > Disable. You can go back to the link above and retest it to see if it gives you a "This Plugin is Disabled" error.Java SE 6 Update 24
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Re: Oracle java zero-day attack
Thank you.
Unfortunately in Denmark we are all forced to use java, since we otherwise could not use on-line banking or log on to government sites.
I do use NoScript though, so I should be OK.
Unfortunately in Denmark we are all forced to use java, since we otherwise could not use on-line banking or log on to government sites.
I do use NoScript though, so I should be OK.