site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2009-02-12 Java for Mac OS X 10.4, Release 8 Java for Mac OS X 10.4, Release 8 is now available and addresses the following: Java CVE-ID: CVE-2008-2086, CVE-2008-5340, CVE-2008-5342, CVE-2008-5343 Available for: Mac OS X v10.4.11 with Java for Mac OS X 10.4, Release 7, Mac OS X Server v.10.4.11 with Java for Mac OS X 10.4, Release 7 Impact: Multiple vulnerabilities in Java Web Start and Java Plug-in Description: Multiple vulnerabilities exist in Java Web Start and the Java Plug-in, the most serious of which may allow untrusted Java Web Start applications and untrusted Java applets to obtain elevated privileges. Visiting a web page containing a maliciously crafted Java applet may lead to arbitrary code execution with the privileges of the current user. This update provides patches for the Java Bug IDs 6694892, 6707535, 6727081 and 6767668 from Sun Microsystems. Java for Mac OS X 10.4, Release 8 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: JavaForMacOSX10.4Release8.dmg Its SHA-1 digest is: 32a5be5e8bdfd9d6ba95d08eb45f9ef4edfd877e Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJJlHukAAoJEHkodeiKZIkBgTMH/1MMk9D4U7tfG3E/YfM+uWKd 7FmK8BtZm2lUGqu1XHaUzn1Q0twq13NLDGkZX6i8r54ISNyZu2YLv3zLux5nipeL SyPvbPZ123760jMSoEKT1Gmlf8h2ZW1Yxl2xLF8MgqfqL6/yZ6LFkpVzzR3hh56u ypGxzIAet6dmYiJ5oPN3gjEMckiLJnahCKMCQk1BBzMOJpZ1MiNV35Peei7RfZ5q GOgGW3Kex1TY2kUQhpYnch17rdsBmQ7ODtHBXoCGv18rEDm5ZlvMUzPzKaNoGiKD HZJEV/+Ce8LWW9BW0X8yUctTwBMZggqR5ty/cYtKMylLIB4qq9OOeMKV7omCdec= =rTxH -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com