diff options
Diffstat (limited to 'zarb-ml/mageia-dev/attachments/20120329/9a904863/attachment.html')
-rw-r--r-- | zarb-ml/mageia-dev/attachments/20120329/9a904863/attachment.html | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/attachments/20120329/9a904863/attachment.html b/zarb-ml/mageia-dev/attachments/20120329/9a904863/attachment.html new file mode 100644 index 000000000..6dc17eaeb --- /dev/null +++ b/zarb-ml/mageia-dev/attachments/20120329/9a904863/attachment.html @@ -0,0 +1,38 @@ +<br><br><div class="gmail_quote">On Thu, Mar 29, 2012 at 21:23, Maarten Vanraes <span dir="ltr"><<a href="mailto:alien@rmail.be">alien@rmail.be</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> + +Op donderdag 29 maart 2012 21:08:22 schreef David Walser:<br> +<div><div class="h5">> Guillaume Rousse <guillomovitch@...> writes:<br> +> > If I want to keep a proprietary JRE on my computers, because I trust it<br> +> > more to run crap proprietary applications (also called<br> +> > corporate-compliants), than marvelous free-licensed environment they<br> +> > have never been tested with, that is my choice, not yours.<br> +><br> +> If they really want to keep Sun Java, shouldn't they just download the<br> +> installer from Sun and install it themselves, rather than using some<br> +> obsolete Mageia 1 package of it?<br> +<br> +<br> +</div></div>well, iinm the version that the people have, will still have the correct<br> +license and we are able to distribute it fine.<br> +<br> +i would argue that if security bugs we could remove it, but i'm not too sure<br> +on this point... i mean, can we really remove it from them? otoh, people<br> +wanting to have the proprietary ones, likely know what they are doing...<br></blockquote><div><br></div><div><a href="http://www.h-online.com/open/news/item/Critical-Java-hole-being-exploited-on-a-large-scale-Update-1485681.html">http://www.h-online.com/open/news/item/Critical-Java-hole-being-exploited-on-a-large-scale-Update-1485681.html</a></div> + +<div><br></div><div>If people want it they should install the fixed version that we are not allowed to distribute</div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> + + +perhaps we can obsolete it with one of those nonfree getters? (if security<br> +bug)<br> +<br> +or, maybe a package that gives an README.urpmi ...<br> +<br> +IMHO: i think obsoleting it is fine, but with a README.urpmi that says notifies<br> +that it's been obsoleted.<br></blockquote><div><br></div><div>Yes that seems the best solution to me</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> + + +(unless someone wants to have and maintain a nonfree getter application that<br> +fetches the upstream releases)<br> +<br> +we really shouldn't keep stuff we can't maintain...<br> +</blockquote></div><br> |