Debian Bug report logs - #466675
sun-java5-jre: jre/lib/security/*_policy.jar should be conffiles

version graph

Package: sun-java5-jre; Maintainer for sun-java5-jre is (unknown);

Reported by: Martín Ferrari <martin.ferrari@gmail.com>

Date: Wed, 20 Feb 2008 10:36:02 UTC

Severity: important

Tags: wontfix

Found in version sun-java5/1.5.0-14-2

Done: Matthias Klose <doko@ubuntu.com>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, martin.ferrari@gmail.com, Matthias Klose <doko@ubuntu.com>:
Bug#466675; Package sun-java5-jre. Full text and rfc822 format available.

Acknowledgement sent to Martín Ferrari <martin.ferrari@gmail.com>:
New Bug report received and forwarded. Copy sent to martin.ferrari@gmail.com, Matthias Klose <doko@ubuntu.com>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Martín Ferrari <martin.ferrari@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: sun-java5-jre: jre/lib/security/*_policy.jar should be conffiles
Date: Wed, 20 Feb 2008 08:34:18 -0200
Package: sun-java5-jre
Version: 1.5.0-14-2
Severity: important

As it's currently done with other files in the same directory, the jar
files that impose the US crypto restrictions should be symlinks to files
in etc, so they can be overwritten locally (the procedure indicated by
Sun) with unrestricted versions and not overwritten on upgrades.

Today, an application was rendered unusable in one of my test servers
because of the latest stable upgrade reinstalling the cripppled versions.

Also, please consider providing the unrestricted files in the same or an
separate package, as this is very inconvenient for any real crypto work.

Citing JRE's README:

-----------------------------------------------------------------------
Unlimited Strength Java Cryptography Extension
-----------------------------------------------------------------------

Due to import control restrictions for some countries, the Java
Cryptography Extension (JCE) policy files shipped with the JRE 
allow strong but limited cryptography to be used. These files are
located at

    <java-home>/lib/security/local_policy.jar
    <java-home>/lib/security/US_export_policy.jar

where <java-home> is the jre directory of the JDK or the top-level 
directory of the JRE. 

An unlimited strength version of these files indicating no
restrictions on cryptographic strengths is available on the JDK web
site for those living in eligible countries. Those living in eligible
countries may download the unlimited strength version and replace the
strong cryptography jar files with the unlimited strength files. The
JCE Unlimited Strength Jurisdiction Policy Files 5.0 are available from:

    http://java.sun.com/j2se/1.5.0/download.jsp

-------------------------------------------------------------------------

Thanks, Tincho.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/2 CPU cores)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages sun-java5-jre depends on:
ii  debconf [debconf-2.0]         1.5.19     Debian configuration management sy
ii  java-common                   0.27       Base of all Java packages
ii  locales                       2.7-6      GNU C Library: National Language (
ii  sun-java5-bin                 1.5.0-14-2 Sun Java(TM) Runtime Environment (

Versions of packages sun-java5-jre recommends:
ii  gsfonts-x11                   0.20       Make Ghostscript fonts available t
ii  java-common                   0.27       Base of all Java packages

-- debconf information:
  sun-java5-jre/jcepolicy:
  sun-java5-jre/stopthread: true
* shared/accepted-sun-dlj-v1-1: true
  shared/error-sun-dlj-v1-1:
* shared/present-sun-dlj-v1-1:




Tags added: wontfix Request was from Matthias Klose <doko@ubuntu.com> to control@bugs.debian.org. (Thu, 10 Jul 2008 13:06:03 GMT) Full text and rfc822 format available.

Reply sent to Matthias Klose <doko@ubuntu.com>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Martín Ferrari <martin.ferrari@gmail.com>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #12 received at 466675-done@bugs.debian.org (full text, mbox):

From: Matthias Klose <doko@ubuntu.com>
To: 466675-done@bugs.debian.org, "Martín Ferrari" <martin.ferrari@gmail.com>
Cc: control@bugs.debian.org
Subject: Re: sun-java5-jre: jre/lib/security/*_policy.jar should be conffiles
Date: Thu, 10 Jul 2008 15:03:01 +0200
tag 466675 + wontfix
thanks

no, afaik we cannot distribute these files, not in this nor another package. If
you do want to provide some solution, please use a local diversion to make sure
these files are not overwritten on upgrades. Or build a package to do these
diversions. I'm happy to announce such a package in a README.Debian file.

  Matthias




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 08 Aug 2008 07:39:03 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 03:44:58 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.