Linked by Thom Holwerda on Tue 19th May 2009 22:20 UTC
Six months ago, a certain security flaw in Java was fixed by Sun. This flaw was present in OpenJDK, GIJ, icedtea and Sun's JRE, but it got fixed in those. There's one important shipping Java implementation that still has not been fixed to remove this security flaw: Apple's Java.
Thread beginning with comment 364438
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Member since:2008-07-15
Given the way Apple seems to be shunning Java lately I'm surprised it's still in the software update feature. The jvm that ships with os x is still a 1.5 rather than a 1.6 for example, and Apple has all but deprecated the Cocoa-Java bridge, at least that was their stance a few months ago. Java has been reduced to a second-class citizen on Mac, and Apple seems to like it that way. Given this, I'm disappointed--though not surprised--that their jvm is still unpatched.
Member since:2005-11-21
Given the way Apple seems to be shunning Java lately I'm surprised it's still in the software update feature. The jvm that ships with os x is still a 1.5 rather than a 1.6 for example, and Apple has all but deprecated the Cocoa-Java bridge, at least that was their stance a few months ago. Java has been reduced to a second-class citizen on Mac, and Apple seems to like it that way. Given this, I'm disappointed--though not surprised--that their jvm is still unpatched.
Unless Apple restores WebObjects to it's roots with ObjC and Cocoa then a new release of WOF with a new JVM to cover this will occur.
I'm betting it'll arrive at WWDC or the day Snow Leopard arrives.
Member since:2005-07-13
Most likely Sun is demanding that Apple buy a support contract in order to get the code fix.
Java isn't "free" after all.
Java isn't "free" after all.
Nice try. You missed the part about OpenJDK, GIJ and icedtea already being patched. All of which are "free".
Apple rolls their own Java, as many others do. Apple is being lazy. Quit making excuses.
Member since:
2006-05-14
Its very rare to find a java exploit that can do any real damage. This one is fairly amazing.
Does anyone know why apple cant just release a small patch? Java, on the OS X platform, has one of the rare privileges of being part of the OS auto-update facilities, so it cant be THAT hard...