xmlgraphics-batik-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Helder Magalhães <helder.magalh...@gmail.com>
Subject Oracle (previously Sun) JDK/JRE: couple of imageio fixes + critical security update
Date Thu, 14 Oct 2010 06:02:48 GMT
Hi everyone,

Today I stumbled across the (Oracle) SE 1.6 update 22 release notes
[1]. Initially, it made me curious about a couple of imageio-related
issues [2] [3], something which may become useful in the scope of
related Batik issue 46513 [4] (possibly/probably there is also related
interest in the scope of xmlgraphics-commons [5] and/or FOP [7]).
Afterward, I noticed the highly relevant security fixes [7], which may
currently affect most (any?) current Java-based project, with the
specially alarmist nuance of potentially exposing Java applets and Web
start applications (which is pretty serious in my opinion). Note that
the security issue, as far as I could see, affects all known Java
versions (ranging from Java 1.3.x to 6.0, previous versions probably
just unlisted due already been EOL'ed).

I'm thinking if this may worth a mention in the software download
pages, kind of the Batik 1.5.0 release security warning [8]...? (Yes,
it's not the same as this is due to a VM issue but... How to others
feel about this?)

Please forward at will, keep software updated and please reply to
general@ only to avoid (more) cross-posting. (Non-Oracle users and
watchers of several of the targeted mailing lists, please excuse the
"spam-effect", if any.)


[1] http://www.oracle.com/technetwork/java/javase/6u22releasenotes-176121.html
[2] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6547241
[3] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6557086
[4] https://issues.apache.org/bugzilla/show_bug.cgi?id=46513
[5] http://xmlgraphics.apache.org/commons/
[6] http://xmlgraphics.apache.org/fop/
[7] http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
[8] http://xmlgraphics.apache.org/batik/index.html#download

To unsubscribe, e-mail: batik-users-unsubscribe@xmlgraphics.apache.org
For additional commands, e-mail: batik-users-help@xmlgraphics.apache.org

View raw message