Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Je kunt ook een cookievrije versie van de website bezoeken met minder functionaliteit. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , reacties: 3, views: 6.719 •
Bron: Oracle, submitter: Ge Someone

Oracle heeft onder de Sun-vlag de negentiende update voor zowel de developmentkit als de runtime-environment van Java Standard Edition 6.0 uitgebracht. Het exacte versienummer is 1.6.0_19-b04. De ontwikkelaars hebben zeven nieuwe root-certificaten meegeleverd en een lijst met bugs afgewerkt. De lijst met veranderingen voor deze negentiende update ziet er als volgt uit:

Changes in 1.6.0_19 (6u19)

The full internal version number for this update release is 1.6.0_19-b04 (where "b" means "build"). The external version number is 6u19.

OlsonData 2010b
6u19 contains Olson time zone data version 2010b. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baseline
6u19 specifies the following security baselines for use with Java Plug-in technology:

JRE Family Version 5.0
Java SE Security Baseline 1.5.0_22
Java SE for Business Security Baseline 1.5.0_24

JRE Family Version 1.4.2
Java SE Security Baseline 1.4.2_19
Java SE for Business Security Baseline 1.4.2_26

On October 30, 2008, Java SE 1.4.2 reached its end of service life with the release of 1.4.2_19. Java SE 5.0 reached its end of service life on November 3, 2009, with the release of 5.0u22. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) and Java SE 5.0 (5.0u23 and above) include the Access Only option and are available to Java SE for Business subscribers. For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

Root Certificates
Added seven new root certificates, removed three root certificates and five root certificates replaced with stronger signature algorithms from VeriSign, Thawte and GeoTrust. (Refer to 6904162.)

Ensuring Application and Applet Security when Mixing Signed and Unsigned Code
Signed Java Web Start applications and applets that contain signed and unsigned components could potentially be unsafe unless the mixed code was intended by the application vendor. As of this release, when mixed code is detected in a program, a warning dialog is raised. Mixing Signed and Unsigned Code explains this warning dialog and options that the user, system administrator, developer, and deployer have to manage it.

Interim Fix for the Transport Layer Security (TLS) Man-in-the-Middle Attack
For more information about the vulnerability and the interim fix, please see the TLS Renegotiation Issue Readme.

Bug Fixes
This release contains fixes for security vulnerabilities. For more information, please see Oracle Java SE and Java for Business Critical Patch Update advisory.

Other Bug Fixes:
  • hotspot - garbage_collector - GC stacks should use a better data structure
  • hotspot - garbage_collector - G1: crash in oopDesc*G1ParCopyHelper::copy_to_survivor_space(oopDesc*)
  • hotspot - jvmti - src/share/vm/prims/jvmtiEnv.cpp:457 assert(phase == JVMTI_PHASE_LIVE,"sanity check")
  • hotspot - runtime_system - JDK 1.6.0_u14p Application crashed very early
  • hotspot - runtime_system - in-process JVM now ignores preset Windows unhandled exception filter
  • hotspot - runtime_system - Crash in CompilerThread/Parser. Unloaded array klass?
  • idl - orb - RMI-IIOP EJB clients do not fail over due to defect in JDK 1.6.0_12
  • idl - orb - SVUID calculated for java.lang.Enum is not 0L
  • idl - orb - memory leak in readObject() and writeObject() using idlj from jdk 1.6.0_14
  • java - classes_2d - Dialog created by JOptionPane.showMessageDialog does not repaint sometimes
  • java - classes_2d - Chinese Font PMingLiu not rendered correctly
  • java - classes_security - Add new VeriSign root CA certificates to JRE and remove some old/unused ones
  • java - classes_swing - Deadlock in JFileChooser with synchronized custom FileSystemView
  • java - classes_util_concurrent - ConcurrentLinkedQueue.remove sometimes very slow
  • java - classes_util_concurrent - LinkedBlockingQueue Nodes should unlink themselves before becoming garbage
  • java - classes_util_i18n - (rb) ResourceBundle and/or SimpleDateFormat not thread safe (hangs JVM)
  • java - classes_util_i18n - (tz) Support tzdata2010b
  • java - classes_util_jarzip - Improve handling of zip encoding through use of property flag
  • java_deployment - networking - PhotoFlockr JavaFX app shows security dialog for net access even though crossdomain allows access
  • java_deployment - security - Plugin/WebStart cannot validate chains when the chain contains a root cert that has been replaced
  • java_plugin - plugin - Regression: applet.destroy() is interrupted with jdk 6u10, run into completion with 6u7
  • java_plugin - plugin2 - Areas of java plugin code ignore jar version settings
  • javawebstart - app_mgr - regression: JWS does not update desktop shortcut following JNLP update with 6u18 release
  • javawebstart - general - java web start download dialog should not be displayed when loading from cache
  • javawebstart - general - main-class fails if loaded by Trusted-Library class loader
  • jgss - krb5plugin - ignore incoming channel binding if acceptor does not set one
  • jndi - cosnaming - JDK 6 CNCtx always uses the default ORB and not take java.naming.corba.orb ORB value
  • jndi - ldap - Invalid ldap filter is accepted and processed
Versienummer:6.0 update 19
Releasestatus:Final
Besturingssystemen:Linux AMD64, Linux x86, Linux, Solaris, Windows Server 2008, Windows Vista x64, Windows Vista, Windows Server 2003 x64, Windows XP x64, Windows Server 2003, Windows XP, Windows 2000, Windows 7 x64, Windows 7
Website:Oracle
Download:http://java.sun.com/javase/downloads/index.jsp
Licentietype:Voorwaarden (GNU/BSD/etc.)

Reacties (3)

Klopt het dat in deze update 19 een deel van Java 7 verwerkt zit?

Ik kreeg van een Java applicatie ontwikkelaar namelijk de melding deze update vooralsnog niet te gebruiken omdat de Java applicatie anders niet meer (goed) zou werken.
Dit klopt niet. Er zullen waarschijnlijk wel een aantal fixes gevonden zijn bij de ontwikkeling van Java 7, die dan ge-backport zijn naar deze Java 6 update. Maar nieuwe features & grote veranderingen komen er pas bij de release van Java 7.

Heb je het over een specifieke Java applicatie die die ontwikkelaar gemaakt heeft? Of bedoel je dat die ontwikkelaar zegt dat Java applicaties in het algemeen niet meer goed zouden werken?
update 20 is inmiddels uitgebracht. http://java.sun.com/javase/downloads/index.jsp
Changes in 1.6.0_20 (6u20)
The full internal version number for this update release is 1.6.0_20-b02 (where "b" means "build"). The external version number is 6u20.

OlsonData 2010b
6u20 contains Olson time zone data version 2010b. For more information, refer to Timezone Data Versions in the JRE Software .

Security Baseline
6u20 specifies the following security baselines for use with Java Plug-in technology:

JRE Family Version Java SE
Security Baseline Java SE for Business
Security Baseline
6 1.6.0_20 1.6.0_20
5.0 1.5.0_22 1.5.0_24
1.4.2 1.4.2_19 1.4.2_26
On October 30, 2008, Java SE 1.4.2 reached its end of service life with the release of 1.4.2_19. Java SE 5.0 reached its end of service life on November 3, 2009, with the release of 5.0u22. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) and Java SE 5.0 (5.0u23 and above) include the Access Only option and are available to Java SE for Business subscribers.

For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .

Changes
A Java Network Launch Protocol (JNLP) file without a codebase parameter, such as the following, will no longer work with the Java SE 6 update 20 release.

<jnlp spec="0.2 1.0" href="draw.jnlp">

This means that developers must specify the codebase parameter in a JNLP file. See the following example:
<jnlp spec="0.2 1.0"
codebase="http://java.sun.com/javase/technologies/desktop/javawebstart/apps/"
href="draw.jnlp">

Bug Fixes
This release contains fixes for security vulnerabilities. For more information, please see Oracle Security Alert for CVE-2010-0886.

Other Bug Fixes

BugId Category Subcategory Description
6939778 java classes_security Mixed code warning for class.getResource("directory/") in 1.6.0_19
6940136 javawebstart other Webstart Shows Wrong Exception when the same jnlp has a signed and a none signed jar
6942801 java_deployment security Improve Mixed Code Logging

Op dit item kan niet meer gereageerd worden.



Populair:Apple iPhone 6Samsung Galaxy Note 4Apple iPad Air 2FIFA 15Motorola Nexus 6Call of Duty: Advanced WarfareApple WatchWorld of Warcraft: Warlords of Draenor, PC (Windows)Microsoft Xbox One 500GBSamsung

© 1998 - 2014 Tweakers.net B.V. Tweakers is onderdeel van De Persgroep en partner van Computable, Autotrack en Carsom.nl Hosting door True

Beste nieuwssite en prijsvergelijker van het jaar 2013