본문 바로가기
취약점소식

[Oracle Java] 오라클 자바 JRE 신규취약점 0-Day(CVE-2012-4681) 보안 업데이트 공개!!

by 잡다한 처리 2012. 8. 31.
반응형


어제 소개했던 오라클 자바 JRE 신규취약점 0-Day(CVE-2012-4681)의 보안업데이트가 금일 공개되었다.

자바를 사용하시는 분들은 빨리 업데이트를 해야 주말에 뉴스 페이지를 안전하게 볼 수 있을 것이다.


관련내용 :  http://www.oracle.com/technetwork/java/javase/7u7-relnotes-1835816.html 

Update Release Notes

Update Release Notes Index

Java™ SE Development Kit 7, Update 7 (JDK 7u7)

The full version string for this update release is 1.7.0_07-b10 (where "b" means "build") and the version number is 7u7.


JDK Demos and Samples remain the same as in JDK 7u6

The vulnerabilities addressed by this security release do not affect the demos and samples code. Therefore there is no need to update Demos and Samples as long as the JDK itself is updated to version 7u7.

JDK for Linux on ARM

The JDK for Linux on ARM is not covered by this security alert and therefore 7u6 remains as the latest version available for Linux on ARM.

 

Olson Data 2012c

JDK 7u7 contains Olson time zone data version 2012c. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 7u7 are specified in the following table:

JRE Family VersionJRE Security Baseline
(Full Version String)
7 1.7.0_07
6 1.6.0_35
5.0 1.5.0_36
1.4.2 1.4.2_38

For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

Bug Fixes

This release contains fixes for security vulnerabilities. For more information, see Oracle Security Alert for CVE-2012-4681.


업데이트 방법은 자바의 자동 업데이트를 실행하던가,
[제어판]에 가서 [JAVA] 를 실행시킨 후 [지금 업데이트] 하면 된다.



 

댓글