Most everyone knows the software isn't supported. Therein lies the root
cause of this issue. Many apps that use java recommend the official
distribution of java, not the open source version.
No disrespect intended here sir, but I believe is flat out irresponsible for
Canonical, and the Ubuntu Security Team, to refuse to recognize the sheer
number of users that use this package, and retort existing policy, citing
that it is not supported.
Someone needs to recognize the need here, and make it an officially
supported package. As a long time Ubuntu user, and someone who recommends
Ubuntu to everyone, it is *embarassing* to use a top of the line
distribution of GNU/Linux, commercially supported, that allows such a
package security vulnerability to remain absent for so long.
The official version of java needs to be supported, but not installed by
default.
On Sat, Aug 22, 2009 at 1:02 PM, Marc Deslauriers <
<email address hidden>> wrote:
> Software in the multiverse and universe repositories is not supported by
> the Ubuntu Security Team. See:
>
> https://wiki.ubuntu.com/SecurityTeam/FAQ#Official%20Support
>
> Packages in multiverse and universe need to be updated by the Ubuntu
> community by following the procedures here:
>
> https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures
>
> As soon as someone volunteers to submit updates for this issue, the
> security team will get them published into the proper repositories.
>
> --
> version 1.6.0_15 is available
> https://bugs.launchpad.net/bugs/409559
> You received this bug notification because you are a direct subscriber
> of the bug.
>
--
"The world is a dangerous place, not because of the people who are evil, but
because of the people who don't do anything about it." - Albert Einstein
Marc,
Most everyone knows the software isn't supported. Therein lies the root
cause of this issue. Many apps that use java recommend the official
distribution of java, not the open source version.
No disrespect intended here sir, but I believe is flat out irresponsible for
Canonical, and the Ubuntu Security Team, to refuse to recognize the sheer
number of users that use this package, and retort existing policy, citing
that it is not supported.
Someone needs to recognize the need here, and make it an officially
supported package. As a long time Ubuntu user, and someone who recommends
Ubuntu to everyone, it is *embarassing* to use a top of the line
distribution of GNU/Linux, commercially supported, that allows such a
package security vulnerability to remain absent for so long.
The official version of java needs to be supported, but not installed by
default.
On Sat, Aug 22, 2009 at 1:02 PM, Marc Deslauriers <
<email address hidden>> wrote:
> Software in the multiverse and universe repositories is not supported by /wiki.ubuntu. com/SecurityTea m/FAQ#Official% 20Support /wiki.ubuntu. com/SecurityTea m/UpdateProcedu res /bugs.launchpad .net/bugs/ 409559
> the Ubuntu Security Team. See:
>
> https:/
>
> Packages in multiverse and universe need to be updated by the Ubuntu
> community by following the procedures here:
>
> https:/
>
> As soon as someone volunteers to submit updates for this issue, the
> security team will get them published into the proper repositories.
>
> --
> version 1.6.0_15 is available
> https:/
> You received this bug notification because you are a direct subscriber
> of the bug.
>
--
"The world is a dangerous place, not because of the people who are evil, but
because of the people who don't do anything about it." - Albert Einstein
http:// www.CampaignFor Liberty. org