Re: Java problems

["McClenon, Brady" <Brady.McClenon () ONEONTA EDU>]

> From http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html

Affected product releases and versions:
Java SE

Patch Availability

JDK and JRE 7 Update 10 and earlier

Java SE<http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html#PatchTable>



Note: JDK and JRE 6, 5.0 and 1.4.2, and Java SE Embedded JRE releases are not affected.


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Roger A 
Safian
Sent: Monday, January 14, 2013 10:18 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Java problems

I'm not sure if they're correct or not, but, even assuming they are.  Since Java 6 is basically not supported any more, 
how long do you think you can safely continue to use it?  Seems like at best you have just kicked the can down the road 
a little.

FWIW, I'd like to be wrong on this, since we use Kronos, and it has the same issue.  We're recommending the non-java 
version right now.

Hopefully Oracle will put out some news today...

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shalla, 
Kevin
Sent: Monday, January 14, 2013 9:03 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Java problems

Here's a Chicago Tribune story on Java security problems:
http://www.chicagotribune.com/business/technology/chi-java-update-oracle-updates-java-security-experts-say-bugs-remain-20130114,0,7822126.story

We use Java 6 in order to run Banner.  This article seems to suggest that Java 6 doesn't have the problem.  People in 
my department have started to ask me what to do.  What do you all think?

Kevin