In any case, regardless of the security vulnerability, please update Hardy to Java 1.6.0.20.
This has been done before, for example Hardy was updated to "6b16" (1.6.0.16 or 6u16?) in #420426. Ubuntu 8.04 LTS Desktop Edition is an officially supported Java platform, as far as Sun/Oracle is concerned, as of 6u18, but not before. In this answer [https://answers.launchpad.net/ubuntu/+source/sun- java6/+question/106322] leoquant said "Users of Ubuntu 8.04 Hardy Heron will probably (in due time?) receive this update (6u19) automatically, from the update function of Ubuntu itself." (i.e. an updated package will be released). 6u18 fixes a bug in 6u17, the latest version of sun-java6 officially packaged for Hardy as far as I can tell, which is a show-stopper for me [https://issues.apache.org/jira/browse/DERBY-4620]. I am being forced to install Java using Sun's binary packages (losing dependency management and automatic updates) on our servers to work around this. -- Update sun-java6 to 1.6.0_20 (6u20) due to security vulnerabilities https://bugs.launchpad.net/bugs/563957 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
