Java update issue with Java 1.7.0_51-b13

The latest Java update 1.7.0_51-b13  (see http://www.java.com/en/download/help/java_blocked.xml) includes an enhanced security model that prevents unsigned applications from running. This change in behaviour can affect the Abiquo platform in two ways.
For Abiquo Servers:
Abiquo uses jdk-1.7.0_21-fcs in V2.6.x and in V3.0. Servers will only be affected if the Java version is explicitly upgraded. In which case there will be issues with the Flex UI, Chef and Public Cloud integrations. Our development team is aware of the issue, but we are reliant on an update being available in the CentOS repositories to resolve it. In the mean time you should not update the Java version on Abiquo servers.
For Abiquo Users:
Users of the Abiquo platform can access a console using TightVNC that is shipped with Abiquo. If these users have run an automatic Java update they will experience problems running the TightVNC console. Unfortunately we are dependent on TightVNC for any long term fix to this situation, but we are monitoring their updates closely. In the meantime users should be directed to the workaround described in http://www.java.com/en/download/help/java_blocked.xml where there are instructions on how to manually trust an application.
An alternative solution for some Abiquo customers may be to replace the TightVNC console shipped with Abiquo by default to the NoVNC console. We have several customers that have previously taken this approach because they prefer the security offered by the NoVNC solution, which is not affected by the Java change.  You can find more details on this alternative solution on our Wiki at http://wiki.abiquo.com/display/DEVOPS/Using+noVNC+in+Abiquo

0 Comments

Please sign in to leave a comment.