site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-03-08-2 Java for Mac OS X 10.5 Update 9 Java for Mac OS X 10.5 Update 9 is now available and addresses the following: Java Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8 Impact: Multiple vulnerabilities in Java 1.6.0_22 Description: Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at http://java.sun.com/javase/6/webnotes/ReleaseNotes.html CVE-ID CVE-2010-4422 CVE-2010-4447 CVE-2010-4448 CVE-2010-4450 CVE-2010-4454 CVE-2010-4462 CVE-2010-4463 CVE-2010-4465 CVE-2010-4467 CVE-2010-4468 CVE-2010-4469 CVE-2010-4470 CVE-2010-4471 CVE-2010-4472 CVE-2010-4473 CVE-2010-4476 Java Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8 Impact: Multiple vulnerabilities in Java 1.5.0_26 Description: Multiple vulnerabilities exist in Java 1.5.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.5.0_28. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/documentation/overview-137139.html CVE-ID CVE-2010-4447 CVE-2010-4448 CVE-2010-4450 CVE-2010-4454 CVE-2010-4462 CVE-2010-4465 CVE-2010-4468 CVE-2010-4469 CVE-2010-4471 CVE-2010-4473 CVE-2010-4476 Java for Mac OS X 10.5 Update 9 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: JavaForMacOSX10.5Update9.dmg Its SHA-1 digest is: 65173cd19b5f4dd9b6b3bc396c364665eae23217 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJNdnYHAAoJEGnF2JsdZQee6u8IAMPf/ftUPYtjBK8RWxjwFhUv Czj79SLQ81Rie/JvuGib90b9IWX5U757tKdoumyCF6Pv2lEjo53Cu+1k/6TgrTzL p6odiSbQ8xYpzZ5FLn3CrfN94a1SK00+TdocKN0zpRKENRSz2uNaFwfHILo1SyMe Gr19M6Av0QKrNBXZSILR5l1WIA5Bg8Hk0HWiKl/Jo+F7uvZzWX98qP8rKFBLQw+r llnK8c/JAMSt79MRXNhGXJKfLpPPiPG2RiUdCHQci87pPkm4pmioEFXTvaDDUSpZ ZirowKvDqEaR1XpW67/8JcY3+mW/QKXNMGnFaBSqFZLzQ5wxtn6IxNnk/8RaSdY= =IR0f -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com