Hi! Just noting that Java 6u35, 7u07 were released by Oracle a day ago http://www.oracle.com/technetwork/java/javase/downloads/
Those contain security fixes for issues exploitable when running Java from within a web browser. (Those running it on server or standalone are said to be unaffected). http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html BTW, some media wrote that CVE-2012-4681 affects only Java 7, but not Java 6. Oracle page, linked above, says the update includes fixes for two other vulnerabilities and affects both Java 6 and Java 7. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org