Push-Nachrichten von MacTechNews.de
Würden Sie gerne aktuelle Nachrichten aus der Apple-Welt direkt über Push-Nachrichten erhalten?

Apple veröffentlicht Java-Update

Sowohl für Mac OS X 10.5 Leopard als auch für Mac OS X 10.6 Snow Leopard stehen über die Software-Aktualisierung Java-Updates zur Verfügung. Das "Java for Mac OS X 10.5 Update 8" aktualisiert J2SE 5.0 auf 1.5.0_26 bzw. Java SE 6 auf 1.6.0_22, wenn ein 64-Bit-fähiger Mac eingesetzt wird.
Der Download ist 119 MB groß. Das "Java for Mac OS X 10.6 Update 3" setzt Mac OS X 10.6.4 voraus und hebt ebenfalls Java SE 6 auf Version 1.6.0_22. Als Download ist die neue Version 75 MB groß.

Weiterführende Links:

Kommentare

dragonlittle20.10.10 22:44
+ aperture 3.1 )
0
barbengo20.10.10 23:02
Und Pro Kit.
0
hns20.10.10 23:40
Java 1.6 könnte es ruhig auch als 32-bit version geben
0
Hannes Gnad
Hannes Gnad21.10.10 00:04
APPLE-SA-2010-10-20-2 Java for Mac OS X 10.5 Update 8

Java for Mac OS X 10.5 Update 8 is now available and addresses the
following:

Java
CVE-ID: CVE-2009-3555, CVE-2010-1321
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in Java 1.6.0_20
Description: Multiple vulnerabilities exist in Java 1.6.0_20, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_22.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html

Java
CVE-ID: CVE-2009-3555, CVE-2010-1321
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in Java 1.5.0_24
Description: Multiple vulnerabilities exist in Java 1.5.0_24, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.5.0_26.
Further information is available via the Java website at
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html

Java
CVE-ID: CVE-2010-1826
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A local user may be able to execute arbitrary code with the
privileges of another user who runs a Java application
Description: A command injection issue exists in updateSharingD's
handling of Mach RPC messages. A local user may be able to execute
arbitrary code with the privileges of another user who runs a Java
application. This issue is addressed by implementing a per-user Java
shared archive. This issue only affects the Mac OS X implementation
of Java. Credit to Dino Dai Zovi for reporting this issue.

Java
CVE-ID: CVE-2010-1827
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Visiting a web page containing a maliciously crafted Java
applet tag may lead to an unexpected application termination or
arbitrary code execution with the privileges of the current user
Description: A memory corruption issue exists in Java's handling of
applet window bounds. Visiting a web page containing a maliciously
crafted Java applet tag may lead to an unexpected application
termination or arbitrary code execution with the privileges of the
current user. This issue is addressed through improved validation of
window bounds. This issue only affects the Mac OS X implementation of
Java.



APPLE-SA-2010-10-20-1 Java for Mac OS X 10.6 Update 3

Java for Mac OS X 10.6 Update 3 is now available and addresses the
following:

Java
CVE-ID: CVE-2009-3555, CVE-2010-1321
Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: Multiple vulnerabilities in Java 1.6.0_20
Description: Multiple vulnerabilities exist in Java 1.6.0_20, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_22.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html

Java
CVE-ID: CVE-2010-1826
Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: A local user may be able to execute arbitrary code with the
privileges of another user who runs a Java application
Description: A command injection issue exists in updateSharingD's
handling of Mach RPC messages. A local user may be able to execute
arbitrary code with the privileges of another user who runs a Java
application. This issue is addressed by implementing a per-user Java
shared archive. This issue only affects the Mac OS X implementation
of Java. Credit to Dino Dai Zovi for reporting this issue.

Java
CVE-ID: CVE-2010-1827
Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: Visiting a web page containing a maliciously crafted Java
applet tag may lead to an unexpected application termination or
arbitrary code execution with the privileges of the current user
Description: A memory corruption issue exists in Java's handling of
applet window bounds. Visiting a web page containing a maliciously
crafted Java applet tag may lead to an unexpected application
termination or arbitrary code execution with the privileges of the
current user. This issue is addressed through improved validation of
window bounds. This issue only affects the Mac OS X implementation of
Java.
0

Kommentieren

Sie müssen sich einloggen, um die News kommentieren zu können.