Home / mailingsPDF  

APPLE-SA-2009-06-15-2 Java for Mac OS X 10.4 Release 9

Posted on 15 June 2009
Apple Security-announce

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2009-06-15-2 Java for Mac OS X 10.4 Release 9

Java for Mac OS X 10.4 Release 9 is now available and addresses the
following:

Java
CVE-ID: CVE-2009-1107, CVE-2008-5352, CVE-2008-5356, CVE-2008-5353,
CVE-2008-5354, CVE-2008-5357, CVE-2008-5359, CVE-2009-1104,
CVE-2008-5344, CVE-2008-5345, CVE-2008-5346, CVE-2009-1103,
CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5348,
CVE-2009-1101, CVE-2009-1100, CVE-2009-1100, CVE-2009-1099,
CVE-2009-1098, CVE-2009-1095, CVE-2009-1096, CVE-2009-1094,
CVE-2009-1093, CVE-2008-5341, CVE-2008-5339, CVE-2008-5360
Available for:
Mac OS X v10.4.11 with Java for Mac OS X 10.4 Release 8,
Mac OS X Server v.10.4.11 with Java for Mac OS X 10.4 Release 8
Impact: Multiple vulnerabilities in Java 1.5.0_16
Description: Multiple vulnerabilities exist in Java 1.5.0_16, the
most serious of which may allow an untrusted Java applet to obtain
elevated privileges. Visiting a web page containing a maliciously
crafted untrusted Java applet may lead to arbitrary code execution
with the privileges of the current user. These issues are addressed
by updating Java 1.5 to version 1.5.0_19. Further information is
available via the Sun Java website at
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html

Java
CVE-ID: CVE-2008-5342, CVE-2008-5356, CVE-2008-5353, CVE-2008-5354,
CVE-2008-5357, CVE-2008-5340, CVE-2008-5359, CVE-2009-1104,
CVE-2008-5360, CVE-2008-5344, CVE-2008-5345, CVE-2008-2086,
CVE-2008-5346, CVE-2009-1103, CVE-2008-5350, CVE-2008-5351,
CVE-2008-5348, CVE-2009-1100, CVE-2009-1100, CVE-2009-1098,
CVE-2009-1094, CVE-2009-1093, CVE-2008-5343, CVE-2008-5339
Available for:
Mac OS X v10.4.11 with Java for Mac OS X 10.4 Release 8,
Mac OS X Server v.10.4.11 with Java for Mac OS X 10.4 Release 8
Impact: Multiple vulnerabilities in Java 1.4.2_18
Description: Multiple vulnerabilities exist in Java 1.4.2_18, the
most serious of which may allow an untrusted Java applet to obtain
elevated privileges. Visiting a web page containing a maliciously
crafted untrusted Java applet may lead to arbitrary code execution
with the privileges of the current user. These issues are addressed
by updating Java 1.4 to version 1.4.2_21. Further information is
available via the Sun Java website at
http://java.sun.com/j2se/1.4.2/ReleaseNotes.html


Java for Mac OS X 10.4 Release 9 may be obtained from the Software
Update pane in System Preferences, or Apple's Software Downloads
web site: http://www.apple.com/support/downloads/

The download file is named: JavaForMacOSX10.4Release9.dmg
Its SHA-1 digest is: cc470c07eb67f66b4980cea2a6566a7b0e4bf755

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

 

TOP