Re: [GNU-linux-libre] Important security update for all Java implementations

[Jaromil]

On Wed, 18 Apr 2012, Karl Goetz wrote:

> On Wed, 11 Apr 2012 11:33:12 -0400
> Brett Smith <address@hidden> wrote:
> 
> > You might've heard about the malware for Mac called Flashback.  It
> > spreads via a vulnerability in Java implementations.  OpenJDK and
> > IcedTea, which include Java code from Sun/Oracle, were vulnerable
> > as well.  Please make sure Java implementations in your
> > distributions are patched to fix this vulnerability, and publish
> > updates as appropriate.
> 
> Since no one else asked: What makes this vulnerability something we
> should all jump on rather then any of the other major exploits that
> appear in our software from time to time? I hardly think 'its
> infecting macs' is a particularly good reason ...

its a limit in attention span, information sources and
experience.. internet is full of buzzing and buzzwords and spam
filters are not enough, the thing is getting as difficult as doing
ninjitsu. on a side note, after 15 years and still counting, I do
think that slashdot was quite unique in making out of rating democracy
a good approximation for a selection of "stuff that matters".. but of
course it does change from time to time.

I wonder if FSF has the idea of doing a content rating new website a
la slashdot, or if we can live with that? an similar question to
asking if we should just all follow bugtraq and forward the relevant
things here directly, or make an automatic match service for names of
software included in our distros, or so?

> The same week an exploit available in samba for 5 years was
> revealed; not a mention here.

woa ^_^

gooood point made.

ciao


-- 
jaromil,  dyne.org developer,  http://jaromil.dyne.org
GPG: B2D9 9376 BFB2 60B7 601F 5B62 F6D3 FBD9 C2B6 8E39