site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2009-02-12 Java for Mac OS X 10.5 Update 3 Java for Mac OS X 10.5 Update 3 is now available and addresses the following: Java CVE-ID: CVE-2008-2086, CVE-2008-5340, CVE-2008-5342, CVE-2008-5343 Available for: Mac OS X v10.5.6 and later with Java for Mac OS X 10.5 Update 2, Mac OS X Server v10.5.6 and later with Java for Mac OS X 10.5 Update 2 Impact: Multiple vulnerabilities in Java Web Start and Java Plug-in Description: Multiple vulnerabilities exist in Java Web Start and the Java Plug-in, the most serious of which may allow untrusted Java Web Start applications and untrusted Java applets to obtain elevated privileges. Visiting a web page containing a maliciously crafted Java applet may lead to arbitrary code execution with the privileges of the current user. This update provides patches for the Java Bug IDs 6694892, 6707535, 6727081 and 6767668 from Sun Microsystems. Java for Mac OS X 10.5 Update 3 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: JavaForMacOSX10.5Update3.dmg Its SHA-1 digest is: c4b2a1ed7a6629a0dee6498758c69d5b473ed6dc Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJJlIdcAAoJEHkodeiKZIkBosEH/iIJb1QyRCD09/sQVpXfoOFF 4577ocnzZCq805YlWLj2bZVWhYmAWGwUQ84ecR1Bx4Yp2Drnr6CEeDCfD3GrorFu hezd49na47sKoYh0Ptbp2OoIPTK2cbR9tlDVuIj4DJrExV65lCYpRDWTxOKZu+LI rT6xbd/X2cj16mPsmYrGLCHN700aoAEXYKqAAQjDBDyTbRCvS4f44YLyEwZG5oJQ m+hnJOK1vHZjJQjwciBnORWJ5Vp0ZlPjuWzTdIKbeD1BFcFhmxrZm7drh5/Y9qpu 0/HEUZGwMX4HTo9CgDf8dyl1hwEPdOV7zHfglY1lZcdW34xYA00CGp3NOGNHnYw= =uKYO -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com