It may be a "port" of Sun/Oracle Java, but I believe there are internal
differences that are not necessarily minor. They at least use different words
to describe their garbage collection policies (although they have similar
strategies).
-
I am pleased, if that is the right word, to have my conjecture
discredited unambiguously.
I am not sure that, given its location within z/OS, [Oracle] Java 7
poses so severe a security threat there as it does in more exposed
positions elsewhere. A threat it nevertheless is.
--jg
On 8/29/12, Sta
IBM JAVA is a port of SUN (ORACLE) JAVA...
I have been told that parts of the IBM JVM does in fact include some Oracle
code. This was from a couple of years ago when I was investigating some odd
application behavior. I found an Oracle bug report that would explain the
behavior. In discussio
I have been told that parts of the IBM JVM does in fact include some Oracle
code. This was from a couple of years ago when I was investigating some odd
application behavior. I found an Oracle bug report that would explain the
behavior. In discussion with IBM support I was told that the bug wa
IBM should be consulted, certainly; but there is strong evidence that
this vulnerability is an ORACLE-specific one.
Code-sharing aside, vulnerabilities are implementation-specific; and
code sharing between IBM and ORACLE would be enormously interesting,
not least because of the vanishingly small p
According to this: http://www.us-cert.gov/cas/techalerts/TA12-240A.html
the vulnerability is limited to Oracle Java 1.7.0
Also, the vulnerability is an exploit that allows java code to break out of
a Java SecurityManager. This is most important when Java is being run on
a machine under a browse
http://www.computerworld.com/s/article/9230656/Macs_at_risk_from_super_dangerous_Java_zero_day
Has Java 7 made it to z/OS? Has anyone tested for this vulnerability?
The problem was new to Java 7, so one suggestion is to uninstall Java
7 and re-install Java 6 until patched.
--
Mike A Schwab, Sp
