Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.java.programmer > #21422
| From | Eric Sosman <esosman@comcast-dot-net.invalid> |
|---|---|
| Newsgroups | comp.lang.java.programmer |
| Subject | Re: JDK 1.7.0_11 is out. |
| Date | 2013-01-15 22:03 -0500 |
| Organization | A noiseless patient Spider |
| Message-ID | <kd558i$fbp$1@dont-email.me> (permalink) |
| References | <n1r6f817h6mus92hrkpgr92lineb6lintr@4ax.com> <h2l9f8dcitjijhvu1hi596cos7julbci7q@4ax.com> <50f60a90$0$287$14726298@news.sunsite.dk> |
On 1/15/2013 9:03 PM, Arne Vajhøj wrote:
>[...]
> <quote>
> This release contains fixes for security vulnerabilities. For more
> information, see Oracle Security Alert for CVE-2013-0422.
CERT's advice is
"Immunity has indicated that only the reflection
vulnerability has been fixed and that the JMX MBean
vulnerability remains. [...] Unless it is absolutely
necessary to run Java in web browsers, disable it as
described below, even after updating to 7u11. [...]"
--from <http://www.kb.cert.org/vuls/id/625617>
Write once, pwn anywhere ...
--
Eric Sosman
esosman@comcast-dot-net.invalid
Back to comp.lang.java.programmer | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
JDK 1.7.0_11 is out. Roedy Green <see_website@mindprod.com.invalid> - 2013-01-13 18:24 -0800
Re: JDK 1.7.0_11 is out. Arne Vajhøj <arne@vajhoej.dk> - 2013-01-13 21:32 -0500
Re: JDK 1.7.0_11 is out. Roedy Green <see_website@mindprod.com.invalid> - 2013-01-14 20:01 -0800
Re: JDK 1.7.0_11 is out. Arne Vajhøj <arne@vajhoej.dk> - 2013-01-15 21:03 -0500
Re: JDK 1.7.0_11 is out. Eric Sosman <esosman@comcast-dot-net.invalid> - 2013-01-15 22:03 -0500
Re: JDK 1.7.0_11 is out. Arne Vajhøj <arne@vajhoej.dk> - 2013-01-16 20:14 -0500
csiph-web