This is off topic but important to all CAS users. There exists a remotely exploitable critical bug in Java which can lead to a complete crash of the JVM. Every admin is urged to immediately patch all Sun/Bea/Oracle Java Versions on their servers.
Main cause of the problem is a flaw in the AMD/Intel floating point unit. JVM Patcher: https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=fpupdater-oth-JPR@CDS-CDS_Developer As noted above, every script kiddie can crash your remotely available java app by simply sending the magic string in the HTTP-HEADER (e.g. by using curl). Hope it helps. Robert -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
