Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 310 other subscribers

My Favourites

Slackware

Calendar

August 2017
M T W T F S S
« Jul    
 123456
78910111213
14151617181920
21222324252627
28293031  

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

RSS Slackware64-current

Meta

OpenJDK 7 security update Jan ’17

icedteaAndrew Hughes (aka GNU/Andrew) has created a new release for IcedTea 2.6.x (which is the series targeting Java7) to allow the creation of an OpenJDK 7 package with the Java security fixes for January 2017 included.

I do realize that Java8 is the more popular version currently but as long as there are security updates for OpenJDK 7, I will try to put those into Slackware packages. So today, here’s OpenJDK 7u131_b00 – or “Java 7 Update 131 Build 00” for you. In fact two packages as always: the JRE and the JDK (which includes the JRE).

As is customary, Andrew provides release notes on his blog that list the vulnerabilities (CVE’s) which are being plugged with the new release. I used to paste those into my own blog articles but I rather give Andrew the credits, so please visit his latest post dubbed “[SECURITY] IcedTea 2.6.9 for OpenJDK 7 Released!“.

If you are still in need of Java 7 and have my older package installed, please upgrade your OpenJDK 7 to this new release. Here is where you can download the Slackware packages:

The “rhino” package (implementation of the JavaScript engine used by OpenJDK) is an external dependency for OpenJDK 7, you can find a package in my repository.

Note about usage:

My Java 7 and Java 8 packages (e.g. openjdk7 and openjdk… or openjre7 and openjre) can not co-exist on your computer because they use the same installation directory. You must install either Java 7 or Java 8.

Remember that I release packages for the JRE (runtime environment) and the JDK (development kit) simultaneously, but you only need to install one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

Optionally: If you want to use Java in a web browser then you’ll have to install my icedtea-web package too. Oracle’s JDK contains a browser plugin, but that one is closed-source. Therefore Icedtea offers an open source variant which does a decent job.

Plugin support in Web Browsers:

Note that icedtea-web is a NPAPI plugin – this prevents the use of Java in Chrome & Chromium because those browsers only support PPAPI plugins, but you’ll be OK with all Mozilla [-compatible] browsers of course. For how long, I do not know. Mozilla have announced they will deprecate NPAPI in their browsers back in 2015.
And even though the plugins are still supported (but require manual activation now) there’s a very recent post on the blog of Firefox software engineer Mike Kaply where he mentions that Firefox 52 will be the first release that will no longer support NPAPI plugins at all (except for Flash but only for a few more releases to come). Remember, we are currently at Firefox version 51. Mike Kaply also mentions that the ESR releases of Firefox (i.e. the Extended Support Releases) will continue to support the NPAPI plugins!
So: Firefox 52: no more plugins. And Firefox ESR 52: plugins still supported.

Have fun! Eric

Comments

Pingback from Links 19/2/2017: GParted 0.28.1, LibreOffice Donations Record | Techrights
Posted: February 20, 2017 at 00:16

[…] OpenJDK 7 security update Jan ’17 […]

Write a comment