Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 406 other subscribers

My Favourites

Slackware

Calendar

November 2018
M T W T F S S
« Oct    
 1234
567891011
12131415161718
19202122232425
2627282930  

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

RSS Slackware64-current

RSS SBo

Meta

Last week’s security updates

adobe_flash_8s600x600_2Adobe released updated Flash player plugins last tuesday, but I was too busy with other things to write a blog post about it. However, I did release updated packages the day after! The updates are for chromium-pepperflash-plugin (to be used together with my chromium package) with new version 19.0.0.245, and flashplayer-plugin which now is at version 11.2.202.548.

The PepperFlash plugin was extracted from Google Chrome 46.0.2490.86 but I did not compile a new Chromium package from the sources bearing that version this time. You’ll have to wait for the next stable release.

.

icedteaVersion 2.6.3 of IcedTea was also released last week. This version of IcedTea will compile OpenJDK 7 “Update 91 Build 02“. The release adds one missed security fix from Oracle’s october updates to OpenJDK. I could not find the announcement on the blog of release maintainer Andrew Hughes but here is his post on the mailing list instead.

The CVE which has been addressed and fixed:

  • S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed.

Note about OpenJDK usage:

I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

The Java package (openjre as well as openjdk) has one dependency: rhino provides JavaScript support for OpenJDK.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. While Oracle’s binary JDK tarball contains a browser plugin, that one is closed-source and therefore Icedtea offers an open source variant which does a decent job. Note that icedtea-web is a NPAPI plugin – this prevents use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course.

My download locations for these updated packages are as always:

If you are using the slackpkg+ extension for slackpkg, then you just run “slackpkg update && slackpkg update flash”. Alternatively, you can subscribe to my repository RSS feed to stay informed of any updates.

Have fun! Eric

 

Comments

Comment from tim
Posted: November 19, 2015 at 15:22

thanks for the updates. One thing I noticed was although you anounced icedtea 2.6.3 the icedtea-web packages are unchanged at 1.6.1
Is the web component unchanged?
thanks again

Comment from alienbob
Posted: November 19, 2015 at 15:48

tim, the two are developed independently (you need an icedtea-built openjdk/jre to be able to use icedtea-web of course), and their release schedules are not coupled.

Write a comment