Just saw that java 7u13 has been released. It's good to see Oracle try and patch more of these vulnerabilities.
On Saturday, January 19, 2013 2:48:42 PM UTC-5, Casper Bang wrote: > > Another week, another security hole. At least update 11 adds confirmation > dialog for non-signed code, which makes new holes harder to exploit. > Perhaps Oracle should change their update policy from 4 months to 4 days > instead. ;) > > > http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/ > > /Casper > > On Monday, January 14, 2013 4:09:41 AM UTC+1, jddarcy wrote: >> >> Notification directly from Oracle on this matter: >> >> https://blogs.oracle.com/security/entry/security_alert_for_cve_2013 >> >> -Joe >> >> On Sun, Jan 13, 2013 at 7:02 PM, Ricky Clarkson >> <[email protected]> wrote: >> > >> http://blogs.computerworld.com/cybercrime-and-hacking/21627/oracle-patches-java-7-security-flaw-update-11 >> >> > >> > >> > On Sun, Jan 13, 2013 at 10:44 PM, Phil Swenson <[email protected]> >> > wrote: >> >> >> >> What is it going to take to get oracle to just kill java in the >> browser? >> >> It's an unneeded/obsolete embarrassment. >> >> >> >> >> >> On Jan 11, 2013, at 7:36 AM, Casper Bang <[email protected]> wrote: >> >> >> >> Naturally. It's the first time, over the last couple of JRE bugs, that >> my >> >> bank officially on their front page, is now issuing a warning against >> >> running Java 7 (which is a bit of a problem, as using Java is pretty >> much >> >> mandatory with our contry's SSO solution). >> >> >> >> On Thursday, January 10, 2013 5:55:22 PM UTC+1, Cédric Beust ♔ wrote: >> >>> >> >>> On Thu, Jan 10, 2013 at 7:31 AM, Casper Bang <[email protected]> >> wrote: >> >>>> >> >>>> In any event, the exploit has now made it into the known exploit >> kits >> >>>> Blackhole and NuclearPack, so a new wave of JVM security exploits >> now seems >> >>>> eminent: >> >>> >> >>> >> >>> Hopefully you mean 'imminent' :-) >> >>> >> >>> -- >> >>> Cédric >> >>> >> >> -- >> >> You received this message because you are subscribed to the Google >> Groups >> >> "Java Posse" group. >> >> To view this discussion on the web visit >> >> https://groups.google.com/d/msg/javaposse/-/6fFk5pAxFd0J. >> >> To post to this group, send email to [email protected]. >> >> To unsubscribe from this group, send email to >> >> [email protected]. >> >> For more options, visit this group at >> >> http://groups.google.com/group/javaposse?hl=en. >> >> >> >> -- >> >> You received this message because you are subscribed to the Google >> Groups >> >> "Java Posse" group. >> >> To post to this group, send email to [email protected]. >> >> To unsubscribe from this group, send email to >> >> [email protected]. >> >> For more options, visit this group at >> >> http://groups.google.com/group/javaposse?hl=en. >> > >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Java Posse" group. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group at >> > http://groups.google.com/group/javaposse?hl=en. >> > -- You received this message because you are subscribed to the Google Groups "Java Posse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/javaposse?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
