Re: unsigned packages on F18

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2013-01-31 at 15:04 -0800, Dave Stevens wrote:
> Quoting Craig White <craigwhite@xxxxxxxxxxx>:
> 
> > On Thu, 2013-01-31 at 13:02 -0800, Dave Stevens wrote:
> >> Quoting Reindl Harald <h.reindl@xxxxxxxxxxxxx>:
> >>
> >> >
> >> >
> >> > Am 31.01.2013 20:53, schrieb Jan Litwiński:
> >> >> Dnia 2013-01-31, o godz. 10:25:00
> >> >> Dave Stevens <geek@xxxxxxxxxxxx> napisał(a):
> >> >>
> >> >>> I tried to install Java in Firefox and after the download I get an
> >> >>> error saying the package is unsigned and installation halts. Have
> >> >>> got the same response with another widely used package. Using the
> >> >>> x86_64 live spin. What to do?
> >> >>>
> >> >>> Dave
> >> >>>
> >> >> try yum localinstall javapackage
> >> >
> >> > not a smart idea - usually ANY fedora package is signed
> >> >
> >> > missing signatures should be a WARNING SINGAL and not
> >> > ignored like trained monkeys confirm any SSL warning
> >> > in a webbrowser
> >> >
> >> >
> >>
> >> it isn't a fedora package. I wanted to used a js app in firefox and it
> >> needed the plugin and went looking for one. the download came from
> >> Oracle. I have some criticisms of Oracle as a firm but I suppose they
> >> can be trusted to that extent. Anyway I'll try that suggestion when I
> >> get back to that computer.
> > ----
> > just an fyi...
> >
> > There are many who suggest that even the very latest java update doesn't
> > fix the security issues with the browser plug-in and pretty much
> > everyone and his brother recommend disabling the plug-in right now
> > (Apple did it for you with their last OSX update). It's become a real
> > security nightmare. Don't say you weren't warned and this security issue
> > is even more serious than not having a signed package.
> >
> > Craig
> 
> yes, thanks, I've been following the news. I've got a facility I use  
> in virtualmin that needs java, what would I do for a replacement?
----
the file manager? That's pretty long in the tooth anyway.

I'm not suggesting anything other than the obvious... if the plugin is
installed and active, it may be enough to lose control of your system
and the advice is clear... disable.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org


[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux