[Slackbuilds-users] The latest jdk on slackbuilds.org (JB)
Matteo Bernardini
matteo.bernardini at gmail.com
Tue Apr 16 13:46:51 UTC 2013
as the plugin is a serious threat for anybody using it, there's this block
inside the slackbuild
if [ ${EXPLOIT_ME:-"no"} = "YES" ] ;then
mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins
cd $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins
ln -sf /usr/lib${LIBDIRSUFFIX}/java/jre/lib/${LIB_ARCH}/libnpjp2.so
libnpjp2.so
else
echo "
The February Critical Patch Update for Java SE addresses 50 security
vulnerabilities, 44 of which affect the use of Java as a plug-in for
Web browers.
!! THE MOZILLA PLUGIN IS NO LONGER ACTIVATED BY DEFAULT !!
"
sleep 5
fi
so, if you prefer, passing a variable EXPLOIT_ME=YES to the
slackbuild, exposes you to the various java plugin exploits out there.
Matteo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20130416/fd3ce4e6/attachment.html>
More information about the SlackBuilds-users
mailing list