Information about Sun Security Alerts

(last updated June, 2006)

 


IBM has just published information about, and made available fixes for, the latest pair of security alerts to be published by Sun. The first (Sun Alert ID 102170) deals with a vulnerability in Java Web Start that may allow an untrusted application to elevate its privileges. The second (Sun Alert ID 102171) tackles seven vulnerabilities with the use of "reflection" APIs in the Java Runtime Environment that may independently allow an untrusted applet to elevate its privileges. See the issues detailed at ibm.com/developerworks/java/jdk/alerts/.

The fixes are in:


z/OS SDK 1.4.2 Products

For IBM SDK for z/OS, Java 2 Technology Edition, V1.4, 5655-I56:
PTF UK11628

For IBM 64-bit SDK for z/OS, Java 2 Technology Edition, V1.4.2, 5655-M30:
PTF UK11177

z/OS SDK 5 Products

For IBM 31-bit SDK for z/OS, Java 2 Technology Edition, V5, 5655-N98:
The file on the download site, pmz31devifx-20060124-sdk.pax.Z, is the GA level plus the fixes for the problems in Sun security bulletins 102170 and 102171 that affects SDK 5.0.

For IBM 64-bit SDK for z/OS, Java 2 Technology Edition, V5, 5655-N99:
The file on the download site, pmz31devifx-20060124-sdk.pax.Z, is the GA level plus the fixes for the problems in Sun security bulletins 102170 and 102171 that affects SDK 5.0.


Browse z/OS