Page 3 of 8 FirstFirst 1234567 ... LastLast
Results 21 to 30 of 78

Thread: Old Sun Java JRE updates

  1. #21
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Multiple Sun JRE vulns - updates available

    FYI...

    Security Vulns in the JRE Image Parsing Code may Allow a Untrusted Applet to Elevate Privileges
    - http://www.sunsolve.sun.com/search/p...=1-26-102934-1
    Update Date: Thu May 31 00:00:00 MDT 2007
    Relief/Workaround: There is no workaround. Please see Resolution section below.
    Resolution: The first issue is addressed in the following releases (for Windows, Solaris, and Linux):
    * JDK and JRE 6 Update 1 or later
    * JDK and JRE 5.0 Update 11 or later...
    Java SE 6 Update 1 is available for download at the following links:
    * http://java.sun.com/javase/downloads/index.jsp
    J2SE 5.0 is available for download at the following link:
    * http://java.sun.com/j2se/1.5.0/download.jsp ...
    Note: When installing a new version of the product from a source other than a Solaris patch, it is recommended that the old affected versions be removed from your system..."

    > http://www.us-cert.gov/current/#sun_...urity_advisory
    June 6, 2007

    > http://www.kb.cert.org/vuls/id/138545
    Last Updated: 06/06/2007

    - http://java.sun.com/javase/6/
    "Java SE 6 is the current major release of the Java SE platform... Sun provides some older product and technology releases as a courtesy..."

    Last edited by AplusWebMaster; 2007-06-06 at 21:35.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #22
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow

    FYI...

    - http://java.sun.com/javase/6/
    "Java SE 6 is the current major release of the Java SE platform... Sun provides some older product and technology releases as a courtesy..."

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #23
    Senior Member djpailo's Avatar
    Join Date
    Oct 2005
    Posts
    126

    Default

    Thanks for the notice. I read on neowin that microsoft were making a flash program to rival adobes flash player. Will they ever resume with their java programme or are there still legal issues?

  4. #24
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Sun Java Web Start vuln - updates available

    FYI...

    - http://secunia.com/advisories/25823/
    Release Date: 2007-06-29
    Critical: Highly critical
    Impact: Security Bypass, Manipulation of data
    Where: From remote
    Solution Status: Vendor Patch
    Software:
    Java Web Start 1.x
    Sun Java JDK 1.5.x
    Sun Java JRE 1.4.x
    Sun Java JRE 1.5.x / 5.x
    Sun Java SDK 1.4.x
    ...The vulnerability affects Java Web Start in JDK and JRE 5.0 Update 11 and earlier and Java Web Start in SDK and JRE 1.4.2_13 and earlier for the Windows platform...
    Solution: Apply updates.
    Java Web Start in JDK and JRE 5.0 Update 12 or later
    http://java.sun.com/j2se/1.5.0/download.jsp
    Java Web Start in SDK and JRE 1.4.2_14 or later
    http://java.sun.com/j2se/1.4.2/download.html ...
    Original Advisory:
    http://sunsolve.sun.com/search/docum...=1-26-102957-1 ..."

    Also see: http://secunia.com/advisories/25769/
    ( http://sunsolve.sun.com/search/docum...=1-26-102958-1 )

    Last edited by AplusWebMaster; 2007-06-29 at 15:33.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #25
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow SunJava JRE v1.6.0_02 released

    FYI...

    SunJava JRE v1.6.0_02 released
    Download Java Runtime Environment (JRE) 6u2:
    - http://java.sun.com/javase/downloads/index.jsp

    Release notes:
    - http://java.sun.com/javase/6/webnote...es.html#160_02
    180+ bug fixes (!)

    -----------------------------

    - http://java.sun.com/javase/6/
    "Java SE 6 is the current major release of the Java SE platform... Sun provides some older product and technology releases as a courtesy..."

    .
    Last edited by AplusWebMaster; 2007-07-08 at 18:15.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #26
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    - http://secunia.com/advisories/25981/
    Release Date: 2007-07-10
    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: Java Web Start 1.x, Sun Java JRE 1.5.x / 5.x, Sun Java JRE 1.6.x / 6.x ...
    The vulnerability is reported in the following versions:
    * Java Runtime Environment 6 Update 1 and earlier
    * Java Runtime Environment 5 Update 11, and earlier ...
    Solution: Apply updates.
    JRE 5 Update 12:
    http://java.sun.com/javase/downloads/index_jdk5.jsp
    JRE 6 Update 2:
    http://java.sun.com/javase/downloads/index.jsp ..."

    Note: http://java.sun.com/javase/6/
    "Java SE 6 is the current major release of the Java SE platform... Sun provides some older product and technology releases as a courtesy..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #27
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    Sun Java vuln - updates available
    > http://secunia.com/advisories/26015/
    Release Date: 2007-07-11
    Critical: Moderately critical
    ...The vulnerability affects the following versions for Solaris, Linux, and Windows:
    * JDK and JRE 6 Update 1 and earlier
    * JDK and JRE 5.0 Updates 7, 8, 9, 10, and 11
    * SDK and JRE 1.4.2_11, _12, _13, and _14 ...
    Solution: Update to the latest versions:
    JDK and JRE 6 Update 2 or later: http://java.sun.com/javase/downloads/index.jsp
    JDK and JRE 5.0 Update 12 and later: http://java.sun.com/j2se/1.5.0/download.jsp
    SDK and JRE 1.4.2_15 and later: http://java.sun.com/j2se/1.4.2/download.html ...
    Original Advisory:
    http://sunsolve.sun.com/search/docum...=1-26-102997-1 ...

    - http://secunia.com/advisories/26031/
    Release Date: 2007-07-11
    Critical: Moderately critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: Sun Java JDK 1.6.x, Sun Java JRE 1.6.x / 6.x ...
    Solution: Apply patches.
    Update to JDK and JRE 6 Update 2 or later.
    http://java.sun.com/javase/downloads/index.jsp ...

    ----------------------
    Note: http://java.sun.com/javase/6/
    "Java SE 6 is the current major release of the Java SE platform... Sun provides some older product and technology releases as a courtesy..."

    .
    Last edited by AplusWebMaster; 2007-07-11 at 17:59.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #28
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    - http://isc.sans.org/diary.html?storyid=3140
    Last Updated: 2007-07-13 16:44:38 UTC - "...anyone using the Java Runtime Environment or Java Development Kit is at risk.
    http://www.auscert.org.au/render.html
    This flaw may have an impact on PDA's and mobile phones as well as PC's. Because Java is browser independent it has potential to impact many, many devices. It is recommended that you patch all java devices as soon as possible."

    - http://news.zdnet.com/2100-1009_22-6196493.html
    July 13, 2007 - "...problem is compounded by the fact that organizations are unlikely to take on the daunting process of patching -all- of their Java Runtime vulnerabilities..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #29
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow SunJava JRE 6 Update 3 released

    FYI...

    - http://java.sun.com/javase/downloads/index.jsp

    Bug Fixes: -10-
    - http://java.sun.com/javase/6/webnote...es.html#160_03

    ----------------------
    Note: http://java.sun.com/javase/6/
    "Java SE 6 is the current major release of the Java SE platform... Sun provides some older product and technology releases as a courtesy..."

    .
    Last edited by AplusWebMaster; 2007-10-02 at 22:57.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #30
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    Sun Java JRE multiple Vulns - updates available
    - http://secunia.com/advisories/27009/
    Release Date: 2007-10-04
    Critical: Highly critical
    Impact: Security Bypass, Manipulation of data, Exposure of system information, Exposure of sensitive information, System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: Sun Java JDK 1.5.x, Sun Java JDK 1.6.x, Sun Java JRE 1.3.x, Sun Java JRE 1.4.x, Sun Java JRE 1.5.x / 5.x, Sun Java JRE 1.6.x / 6.x, Sun Java SDK 1.3.x, Sun Java SDK 1.4.x
    ...The vulnerabilities are reported in the following versions:
    * JDK and JRE 6 Update 2 and earlier
    * JDK and JRE 5.0 Update 12 and earlier
    * SDK and JRE 1.4.2_15 and earlier
    * SDK and JRE 1.3.1_20 and earlier
    Solution: Update to the fixed versions.
    JDK and JRE 6 Update 3:
    http://java.sun.com/javase/downloads/index.jsp
    JDK and JRE 5.0 Update 13:
    http://java.sun.com/javase/downloads/index_jdk5.jsp
    SDK and JRE 1.4.2_16:
    http://java.sun.com/j2se/1.4.2/download.html
    SDK and JRE 1.3.1 for Solaris 8:
    http://java.sun.com/j2se/1.3/download.html ...

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •