
... and just deleting the version of Java they have installed is somehow more reasonable? Honestly, the fact that this is even being seriously considered by Ubuntu is pretty much a death blow to me ever trusting a package update from the project again... what's next: a security update that uninstalls Apache from my web server, or one that uninstalls Exim from my email server?


Actually, I do think the Ubuntu solution is more reasonable. I installed sun-java6 for precisely the use case mdeslaur described, and I'm pretty sure that the errors from a missing JDK will be much more clear and noticeable than the subtler (but still work-killing) ones from OpenJDK.


So we would be more trustworthy if we left millions of users vulnerable to being silently compromised by malware?

No, Apache and Exim wouldn't get removed, the source is available so a fix can be issued.


Strawman. Every other suggestion on this page is more reasonable than the one Ubuntu is choosing, whether it be replacing the package with one that is 90% functionally equivalent (openjdk) to printing giant warnings during the package upgrade process. The decision made by Ubuntu is so uncaring for its user community that this reads like comedy.


Removing packages seems to be the way Linux distros handle this type of issue.

https://rhn.redhat.com/errata/RHSA-2011-0368.html
https://rhn.redhat.com/errata/RHSA-2008-1045.html


I disagree. Many people leave Windows in favor of Ubuntu for increased security against viruses and malware.

I agree that there could be more transparent feedback to the user, who probably will never check to see what's being updated and why, but I don't think this reads like comedy at all.


Maybe a balance and not remove it on servers? I have a pretty locked down environment and trust my ability to read advisories and take necessary precautions. It's weird to presume your users can't deal with that.



