Closed Bug 1246249 Opened 9 years ago Closed 8 years ago

Java 8u73 was released, security baseline remains unchanged

Categories

(Plugin Check Graveyard :: Database, defect)

Product:
Plugin Check Graveyard
Component:
Database
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: roger.lewis, Unassigned)

Details

Today, Friday Feb 6, 2016 we released versions 8u73 to java.com and 8u73/8u74 to Oracle.com, which contain a vulnerability fix. The fix is related to the installer on certain Windows systems and *not* within the JRE itself, and *not* with the plugin. We are not aware of any related active exploits and are issuing this release purely as a precaution. Given the issue is Windows platform installer related, there should be no need to block/restrict existing 8u71/8u72 users in Firefox since it is ultimately the same security baseline runtime. Related documents: Release Note - 8u73: http://www.oracle.com/technetwork/java/javase/8u73-relnotes-2874654.html 8u74: http://www.oracle.com/technetwork/java/javase/8u74-relnotes-2879024.html Critical Patch Updates and Security Alerts page: http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0603-2874360.html
See also: Bug 1357501.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.