Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
Apple Release Java Update PDF Print E-mail
Written by Editor   
Thursday, 25 September 2008 11:59
Apple released yesterday an update for Java for Mac OS X 10.5 Leopard, the update addresses a number of known vulnerabilities that affect Java.
 
The updated applies to OS X 10.5.4 and later for both client and server. The update is known as 'Java for Mac OS X 10.5 Update 2'. The update addresses the following issues referenced by their CVE that affect versions 1.4, 1.5 and 1.6 of Java:
CVE-2008-1193, CVE-2008-1194, CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1195, CVE-2008-1196, CVE-2008-3103, CVE-2008-3104, CVE-2008-3105, CVE-2008-3106, CVE-2008-3107, CVE-2008-3108, CVE-2008-3109, CVE-2008-3110, CVE-2008-3111, CVE-2008-3112, CVE-2008-3113, CVE-2008-3114, CVE-2008-3115, CVE-2008-3637, CVE-2008-3638
A number of the issues identified by the their CVE above can be used by an attacker to execute arbitrary code on a targeted system or be used to elevate privileges of a user on an OS X system.

The patch also addresses a problem with the Java Cryptography Extensions (JCE) that was restricting the maximum key size to 128 bits.

Additionally there is an update targeting OS X 10.4 Tiger, this update addresses many of the issues listed previously that only affect the Java 1.4 and 1.5 environments. This update is known as 'Java for Mac OS X 10.4, Release 7'.

As always it is recommended that these updates are installed as soon as possible.

Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Thursday, 25 September 2008 12:05 )