Those of us who are also running Windows are receiving Warnings about Java. "With nearly every news outlet — along with the U.S. Department of Homeland Security — calling for its removal from PCs, who wouldn't worry about running Java on their computer?"
Is this warning applicable to those of us running Linux Distros with Firefox, Chrome, and other browsers, or will the uniqueness of Linux protect us from Java problems?? I'm running LMDE.
Thanks,
tlcmd (aka Dick)
Java Security Warning
Forum rules
LMDE 2 has reached end of support as of 1-1-2019
LMDE 2 has reached end of support as of 1-1-2019
Java Security Warning
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Java Security Warning
Yes that warning is applicable to ALL users who use Java, regardless of operating system. Java is cross-platform.
Re: Java Security Warning
Its applicable if you have installed Oracle Java. By default Linux Mint Main Edition comes with OpenJDK, and I gather also LMDE does? That's something else than Oracle Java that has the Windows world in a fit. If you are concerned about Java security risks, you need not remove Java but like the rest of us you could consider removing Java support from your web browser.
IcedTea is the Java web client for OpenJDK, so you can on LMDE probably also use the command here to remove it: http://forums.linuxmint.com/viewtopic.p ... 55#p660774
IcedTea is the Java web client for OpenJDK, so you can on LMDE probably also use the command here to remove it: http://forums.linuxmint.com/viewtopic.p ... 55#p660774
Re: Java Security Warning
Visit about://plugins. Disable the Java plugin there (Chrome), or Tools -> Addons -> Plugins (Firefox).http://dottech.org/94112/latest-version ... o-experts/
JANUARY 20, 2013
According to two security firms, Trend Micro and Immunity Inc., the most recently discovered Java exploit (the one that hit the headlines on Jan 10) was due to two vulnerabilities in Java. The most recent patch issued by Oracle on Jan 14 (Java 7u11, Java 6u37, Java 5u38, and Java 4u40) patched only one of the vulnerabilities. Both firms independently came to this conclusion (meaning they both studied the patch and figured this out)
more info: http://forums.linuxmint.com/viewtopic.php?f=47&t=122731
It seems to be a problem for openjdk, too.xenopeek wrote:Its applicable if you have installed Oracle Java. By default Linux Mint Main Edition comes with OpenJDK
http://security.stackexchange.com/quest ... dk-icedtea
Java 7 and OpenJDK share a lot of common code, so, as a general rule, security issues in Java 7 also apply to OpenJDK. In that specific case, it seems that the vulnerability was reported in the Debian OpenJDK package, so yes, they are vulnerable. See this question on another stackexchange site.
Re: Java Security Warning
True, Oracle 7 is based on OpenJDK 7. I gather it is Oracle that adds the security issues... But yes, removing the Java web client or disabling Java in your browser is recommended if you are concerned about this.
Also, adding to the above, if you do need Java for some websites and you can't switch to alternatives (some banks are using Java web clients for their home banking), install NoScript for Firefox (perhaps also available on other browsers). This will allow you to block all Java / Flash / JavaScript code on all websites, and lets you create a whitelist of the websites that are allowed to use that kind of code as an exception to the rule to block all.
Also, adding to the above, if you do need Java for some websites and you can't switch to alternatives (some banks are using Java web clients for their home banking), install NoScript for Firefox (perhaps also available on other browsers). This will allow you to block all Java / Flash / JavaScript code on all websites, and lets you create a whitelist of the websites that are allowed to use that kind of code as an exception to the rule to block all.