Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 3 reacties
Bron: Sun

Sun heeft alweer de twintigste update voor Java Standard Edition 5.0 uitgebracht, zowel voor de development kit als voor de runtime environment. De versieaanduiding is vastgesteld op 5.0 update 20 en het exacte versienummer is op 1.5.0_20-b02 komen te liggen. De ontwikkelaars hebben de beveiliging van verschillende onderdelen verbeterd en een lijstje met bugs verholpen. De lijst met veranderingen voor deze twintigste update ziet er als volgt uit:

Changes in 1.5.0_20

The full internal version number for this update release is 1.5.0_20-b02 (where "b" means "build"). The external version number is 5.0u20.

OlsonData 2009i
This release contains Olson time zone data version 2009i. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baseline
This update release specifies the following security baseline:
JRE Family Version 1.4.2
Java SE Security Baseline 1.4.2_19
Java SE for Business Security Baseline 1.4.2_22

In December, 2008, Java SE 1.4.2 reached its end of service life with the release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) include the Access Only option and are available to Java SE for Business subscribers.

For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

Root Certificates

Root Certificates are included in this release.
  • Added one new root certificate and removed 3 root certificates from Entrust. (Refer to 6805338.)
  • Added three new root certificates from Keynectis. (Refer to 6845457.)
  • Added three new root certificates from Quovadis. (Refer to 6846473.)
Bug Fixes
This release contains fixes for one or more security vulnerabilities. For more information, please see Sun Alerts 263408, 263409, 263488, 263489, and 264648.

Bug fixes for vulnerabilities are listed in the following table.
  • java - accessibility - AccessibleResourceBundle.getContents exposes mutable static (findbugs)
  • java - classes_awt - Cursor.predefined is protected static mutable (findbugs)
  • java - classes_beans - Introspector cache mutable static
  • java - classes_lang - 3Y Race condition in reflection checks
  • java - classes_net - Remote sites can compromise user privacy and possibly hijack web session
  • java - classes_net - Proxy is assumed to be immutable but is non-final
  • java - classes_security - Security issues in the Provider class
  • java - classes_security - Fix for 6406003 can be circumvented
  • java - classes_security - Provider deserialization still has problems
  • java - classes_security - AbstractSaslImpl.logger is a static mutable (findbugs)
  • java - classes_sound - RmfFileReader/StandardMidiFileWriter.types are public mutable statics (findbugs)
  • java - classes_sound - JDK13Services allows read access to system properties from untrusted code
  • java - classes_sound - JDK13Services.getProviders creates instances with full privileges
  • java - classes_swing - LayoutQueue mutable statics
  • java - classes_swing - Synth Region.uiToRegionMap/lowerCaseNameMap are mutable statics
  • java - imageio - ImageReaderSpi.STANDARD_INPUT_TYPE/ImageWriterSpi.STANDARD_OUTPUT_TYPE are mutable static (findbugs)
  • java - imageio - Mutable statics in imageio plugins (findbugs)
  • java - jar - Java JAR Pack200 Decompression Integer Overflow Vulnerability
  • javawebstart - other - java web start ActiveX control security problem caused by ATL PROP_ENTRY macro
  • jaxp - parse - Xerces2 Java XML library infinite loop with malformed XML input
  • jndi - dns - DnsContext.debug is public static mutable (findbugs)
Other bug fixes are listed in the following table.
  • java - classes_2d - font files not deleted upon exit
  • java - classes_security - Add 1 new Entrust root CA cert and remove 3 others with 1024 bit keys
  • java - classes_security - Add root certs for Keynectis CA
  • java - classes_security - Add QuoVadis root CA certs to the JRE
  • java - classes_util_i18n - (tz) Support tzdata2009i
  • java - classes_util_i18n - (tz) New Jordan rule creates a failure for SimpleTimeZone parsing post tzdata2009h
Versienummer:5.0 update 20
Releasestatus:Final
Besturingssystemen:Windows 7, Windows 9x, Windows NT, Windows 2000, Linux, Windows XP, Linux x86, Solaris, Windows Server 2003, Windows XP x64, Windows Server 2003 x64, Linux AMD64, Windows Vista, Windows Vista x64, Windows Server 2008
Website:Sun
Download:http://java.sun.com/javase/downloads/index_jdk5.jsp
Licentietype:Freeware
Moderatie-faq Wijzig weergave

Reacties (3)

Heb jij wel goed gelezen?

The full internal version number for this update release is 1.5.0_20-b02 (where "b" means "build"). The external version number is 5.0u20.e
Opvallend dat zoveel findbugs bugs zijn gefixed.
Geen beta? 1.5.0_20-b02

Op dit item kan niet meer gereageerd worden.



Apple iOS 10 Google Pixel Apple iPhone 7 Sony PlayStation VR AMD Radeon RX 480 4GB Battlefield 1 Google Android Nougat Watch Dogs 2

© 1998 - 2016 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True