CERT mailing list archives
Oracle Java SE Critical Patch Update Announcement - June 2013
From: "US-CERT" <US-CERT () public govdelivery com>
Date: Tue, 18 Jun 2013 16:48:11 -0500
US Computer Emergency Readiness Team banner graphic National Cyber Awareness System: Oracle Java SE Critical Patch Update Announcement - June 2013 [ https://www.us-cert.gov/ncas/current-activity/2013/06/18/Oracle-Java-SE-Critical-Patch-Update-Announcement-June-2013 ] 06/18/2013 04:17 PM EDT Original release date: June 18, 2013 Oracle has released a June 2013 Critical Patch Update for Oracle Java SE. This Critical Patch Update is a collection of patches for multiple security vulnerabilities in Oracle Java SE. The update contains 40 new security vulnerability fixes, including a patch for Oracle JavaDoc frame injection vulnerability VU#225657 [ http://www.kb.cert.org/vuls/id/225657 ]. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible. The following versions of Oracle Java SE are affected: * JDK and JRE 7 Update 21 and earlier * JDK and JRE 6 Update 45 and earlier * JDK and JRE 5.0 Update 45 and earlier * JavaFX 2.2.21 and earlier US-CERT encourages users and administrators to review the bulletin [ http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html ] and follow best-practice security policies to determine which updates should be applied. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Oracle Java SE Critical Patch Update Announcement - June 2013 US-CERT (Jun 18)