The Java applet security vulnerability that’s had a lot of news coverage this week was patched today in a new Java release from Oracle. Further details here.
To avoid committing files to version control you can add their names to a .gitignore file, and to committing local changes to an already version controlled file you can use the git command described in my previous post here.
How can you remove history if you’ve already committed a file? For example, let’s say you have a properties file with some environment specific values that you’ve committed, but you want to remove the history of those committed values?
This FAQ walks through the steps needed, which in summary are:
- Remove all history from the repo:
git filter-branch --force --index-filter 'git rm --cached --ignore-unmatch path/to/your_file_name' --prune-empty --tag-name-filter cat -- --all
- on Windows, replace the ‘ with “
- add the filename to .gitignore if you want to avoid future commits (and commit .gitignore: git commit -m “updated gitignore” )
- push changes back to your remotes: git push remotename master –force
If you need to make local changes to a tracked file and then not commit them in future commit, use the ‘git update-index -skip-worktree’ as described here.
It pains me as a Java developer to recommend to anyone to disable their Java support in their browsers, but given the recently discovered Java vulnerability that can be exploited by a Java applet running in a browser to do ‘bad things’ to your machine, until this gets patched, it’s worth to disable your Java plugins until it gets patched.
According to some sources, Oracle has known about these vulnerabilities since April, but still has not patched them. Since sites have started showing up that have applets exploiting this vulnerability, it’s worth to play it safe and batten down the hatches, and disabled Java support in your browsers.
Oracle releases security patches for Java every 4 months, the next one is due in October. Until this gets patched, best to play it safe.
To disable the Java plugin on Chrome on Mac OS X:
- Go to Chrome / Preferences, click on Show Advanced Settings
- In the Privacy section, click the Content Settings button
- Scroll down to Plugins, click ‘Disable individual plugins’
- Scroll down to find the Java plugin, click disable
To disable the Java plugin in Safari on Mac OS X:
- Go to Safari / Preferences, click the Security icon
- In the web content section, uncheck ‘Enable Java’
To disable the Java plugin in Firefox on Mac OS X:
- Go to Firefox / Preferences, click the General icon
- Click the Manage Add-ons button
- In the Addons Manager window, click Plugins on the left
- Scroll down to find Java Applet plugin, click the Disable button
Samsung have said the final court ruling in the patent case with Apple is ‘a loss for the American consumer’, and I can’t help but agree.
In a statement after the ruling, Samsung continue:
“It is unfortunate that patent law can be manipulated to give one company a monopoly over rectangles with rounded corners, or technology that is being improved every day by Samsung and other companies”
That one statement for me sums up the ridiculous nature of his patent lawsuit. So what next, is Apple going to continue to sue every other phone manufacturer who manufacturers a device that is essentially a rectangle with rounded corners? To avoid infringing on Apple’s patents on rectangles, all other phones must be square, or circular, or any other shape but not a rectangle? This is the ridiculous part of this case. Imagine if someone was able to patent the shape of a car? A house? A table? A TV?