SUN HAS RELEASED Java updates that fix many bugs and security holes in its Java Development Kit (JDK) and Java Runtime Environment (JRE).

The Java software flaws resolved by these updates reportedly include Denial of Service (DoS) vulnerabilities, buffer overflows and other errors in Sun's Java implementation that could cause a Java crash or expose a system to compromise by a maliciously crafted Java applet.

The updated versions are JDK and JRE 6 Update 7, JDK and JRE 5.0 Update 16, SDK and J2SE 1.4.2_18 and SDK and J2SE 1.3.1_23. Version 6, which is actually Java 1.6, is the most recently released Java version currently. All Java users are encouraged to switch to that latest version if possible.

The Java installation programs don't uninstall older versions, or update symbolic links for browser plugins under Linux, so users have to do those tasks manually.

Updating Linux symbolic links is covered in the installation instructions provided by Sun.

Windows users can use System Control to remove their old Java version. Linux jockeys can use their distribution's integrated package management facility or command-line RPM functions, or bash shell commands if they didn't install the old Java version using RPM. µ

L'Inq
Heise