Hi everyone,
Today I stumbled across the (Oracle) SE 1.6 update 22 release notes [1]. Initially, it made me curious about a couple of imageio-related issues [2] [3], something which may become useful in the scope of related Batik issue 46513 [4] (possibly/probably there is also related interest in the scope of xmlgraphics-commons [5] and/or FOP [7]). Afterward, I noticed the highly relevant security fixes [7], which may currently affect most (any?) current Java-based project, with the specially alarmist nuance of potentially exposing Java applets and Web start applications (which is pretty serious in my opinion). Note that the security issue, as far as I could see, affects all known Java versions (ranging from Java 1.3.x to 6.0, previous versions probably just unlisted due already been EOL'ed). I'm thinking if this may worth a mention in the software download pages, kind of the Batik 1.5.0 release security warning [8]...? (Yes, it's not the same as this is due to a VM issue but... How to others feel about this?) Please forward at will, keep software updated and please reply to general@ only to avoid (more) cross-posting. (Non-Oracle users and watchers of several of the targeted mailing lists, please excuse the "spam-effect", if any.) Cheers, Helder [1] http://www.oracle.com/technetwork/java/javase/6u22releasenotes-176121.html [2] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6547241 [3] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6557086 [4] https://issues.apache.org/bugzilla/show_bug.cgi?id=46513 [5] http://xmlgraphics.apache.org/commons/ [6] http://xmlgraphics.apache.org/fop/ [7] http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html [8] http://xmlgraphics.apache.org/batik/index.html#download --------------------------------------------------------------------- To unsubscribe, e-mail: batik-users-unsubscr...@xmlgraphics.apache.org For additional commands, e-mail: batik-users-h...@xmlgraphics.apache.org
