APPLE-SA-2009-06-15-2 Java for Mac OS X 10.4 Release 9
APPLE-SA-2009-06-15-2 Java for Mac OS X 10.4 Release 9
- Subject: APPLE-SA-2009-06-15-2 Java for Mac OS X 10.4 Release 9
- From: Apple Product Security <email@hidden>
- Date: Mon, 15 Jun 2009 13:23:02 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2009-06-15-2 Java for Mac OS X 10.4 Release 9
Java for Mac OS X 10.4 Release 9 is now available and addresses the
following:
Java
CVE-ID: CVE-2009-1107, CVE-2008-5352, CVE-2008-5356, CVE-2008-5353,
CVE-2008-5354, CVE-2008-5357, CVE-2008-5359, CVE-2009-1104,
CVE-2008-5344, CVE-2008-5345, CVE-2008-5346, CVE-2009-1103,
CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5348,
CVE-2009-1101, CVE-2009-1100, CVE-2009-1100, CVE-2009-1099,
CVE-2009-1098, CVE-2009-1095, CVE-2009-1096, CVE-2009-1094,
CVE-2009-1093, CVE-2008-5341, CVE-2008-5339, CVE-2008-5360
Available for:
Mac OS X v10.4.11 with Java for Mac OS X 10.4 Release 8,
Mac OS X Server v.10.4.11 with Java for Mac OS X 10.4 Release 8
Impact: Multiple vulnerabilities in Java 1.5.0_16
Description: Multiple vulnerabilities exist in Java 1.5.0_16, the
most serious of which may allow an untrusted Java applet to obtain
elevated privileges. Visiting a web page containing a maliciously
crafted untrusted Java applet may lead to arbitrary code execution
with the privileges of the current user. These issues are addressed
by updating Java 1.5 to version 1.5.0_19. Further information is
available via the Sun Java website at
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html
Java
CVE-ID: CVE-2008-5342, CVE-2008-5356, CVE-2008-5353, CVE-2008-5354,
CVE-2008-5357, CVE-2008-5340, CVE-2008-5359, CVE-2009-1104,
CVE-2008-5360, CVE-2008-5344, CVE-2008-5345, CVE-2008-2086,
CVE-2008-5346, CVE-2009-1103, CVE-2008-5350, CVE-2008-5351,
CVE-2008-5348, CVE-2009-1100, CVE-2009-1100, CVE-2009-1098,
CVE-2009-1094, CVE-2009-1093, CVE-2008-5343, CVE-2008-5339
Available for:
Mac OS X v10.4.11 with Java for Mac OS X 10.4 Release 8,
Mac OS X Server v.10.4.11 with Java for Mac OS X 10.4 Release 8
Impact: Multiple vulnerabilities in Java 1.4.2_18
Description: Multiple vulnerabilities exist in Java 1.4.2_18, the
most serious of which may allow an untrusted Java applet to obtain
elevated privileges. Visiting a web page containing a maliciously
crafted untrusted Java applet may lead to arbitrary code execution
with the privileges of the current user. These issues are addressed
by updating Java 1.4 to version 1.4.2_21. Further information is
available via the Sun Java website at
http://java.sun.com/j2se/1.4.2/ReleaseNotes.html
Java for Mac OS X 10.4 Release 9 may be obtained from the Software
Update pane in System Preferences, or Apple's Software Downloads
web site: http://www.apple.com/support/downloads/
The download file is named: JavaForMacOSX10.4Release9.dmg
Its SHA-1 digest is: cc470c07eb67f66b4980cea2a6566a7b0e4bf755
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQEcBAEBAgAGBQJKNopyAAoJEHkodeiKZIkBQTgH/jgtmho0SjvzX93WpoNUfjQ6
xZJElEjdkRqxDAK6ittRfo4JPsf/tOkG8ZLP3hzuj6SPKN+XlRorxdd9jyu6ZGKC
dkege0Xvs9Gx6HEOGsY1P/j/349q/4WP/z5DZxK5ostoWttwNlSMLmnM+dxmxG3Y
gNYV0fwIrB50WCZwwPECyAnQrwkfAdwdKSwhxNSfnl3qlvVf2F532Kc2BcS3KK1X
iimy4u7QhAhqbuMe0mjpXums+bXHzi0DV/n96jgqMpzqBa7/bVKS3xOFJ/oC1mJf
9OgDrBqxT3e9SxnTKzSMNRIMhPK2GsrtrES9GuzonyGme9sekpmPQPEF83+V6aQ=
=1WtD
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden