Hi :) It's the same old story.
"All this has happened before and will happen again" (any Battlestar Galactica fans out there?). Oracle tell us all that their new version of java is ultra safe and really is safe this time and that all their previous versions are horribly flawed and likely to cause widespread plagues and death etc to anyone that continues to use them. Then their new "ultra safe" one is found to also have horrible flaws in it. As it happens it seems very few people actually seem to suffer or at least we never hear of it. Still we keep advising people to update to the most recent possible version but to try avoiding it completely if they can. For us the 1.6_32 is currently the most usable as the 1.7 has never really worked well with LO. As time goes on it seems that java is compromised faster and faster. Each new release lasting less and less time until some horror story emerges. Their 1.7 branch was supposed to be their best ever taking the whole thing to a new plateau of rock solid stability and sfaety but the 1st 4 versions got compromised even before release! Meanwhile the TDF devs working on LO have removed just about all dependancy on java. There are still a few Wizards and Extensions that need it and, of course, the database program (but only if you use the internal embedded back-end) and all the Accessibility stuff. So, the User List stance is to try to get people to try not using Java at all but if they do need it to use the one that does work with LO - which i don't think has been compromised just yet although that's probably just because it hasn't reached the mainstream media yet because it's considered an 'old' version even though it was released after the latest in the 1.7 branch. Regards from Tom :) >________________________________ > From: Fabian Rodriguez <[email protected]> >To: [email protected] >Sent: Thursday, 30 August 2012, 19:14 >Subject: [libreoffice-users] What is the status of Java security vs. >LibreOffice? > > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Hi all > >I saw this a few days ago, I'd like to know what should I make of it?: >http://arstechnica.com/security/2012/08/critical-flaw-under-active-attack-prompts-calls-to-disable-java/ > >I never install Java when I install LibreOffice, but a few people end up >installing it. > >I have seen a few threads about it in the fr-discuss list, but nothing >clear/concise (although I may have missed a post or two). > >Thanks for any information. > >Cheers, > >Fabian Rodriguez >http://libreoffice.magicfab.ca > > > >- -- > >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.4.11 (GNU/Linux) >Comment: PGP/Mime available upon request >Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > >iEYEARECAAYFAlA/rXIACgkQfUcTXFrypNXJOACcDs0YJHO+yhWBA2p/kMaUzRp0 >W0wAnjYmH9iPtp74HZsHyglBFernR0cw >=NWFH >-----END PGP SIGNATURE----- > > >-- >For unsubscribe instructions e-mail to: [email protected] >Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ >Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette >List archive: http://listarchives.libreoffice.org/global/users/ >All messages sent to this list will be publicly archived and cannot be deleted > > > > -- For unsubscribe instructions e-mail to: [email protected] Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/users/ All messages sent to this list will be publicly archived and cannot be deleted
