Downloads

Download Sun Java 6.0 Update 17

By admin
Spread the love

Sun has released the 17th update for both the Java Standard Edition 6.0 development kit and runtime environment, with the exact version number set to 1.6.0_17-b04. The developers have improved the security of several components and completed a list of bugs. The list of changes for this seventeenth update is as follows:

Changes in 1.6.0_17 (6u17)

The full internal version number for this update release is 1.6.0_17-b04 (where “b” means “build”). The external version number is 6u17.

OlsonData 2009m
6u17 contains Olson time zone data version 2009m. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baseline
6u17 specifies the following security baselines for use with Java Plug-in technology:

JRE Family version 5.0
Java SE Security Baseline 1.5.0_22
Java SE for Business Security Baseline 1.5.0_22

JRE Family version 1.4.2
Java SE Security Baseline 1.4.2_19
Java SE for Business Security Baseline 1.4.2_24

On October 30, 2008, Java SE 1.4.2 reached its end of service life with the release of 1.4.2_19. Future revisions of Java SE 1.4.2 (1.4.2_20 and above) include the Access Only option and are available to Java SE for Business subscribers. For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

Root Certificates
Root Certificates are included in this release.

  • Added one new root certificate for SECOM. (Refer to 6872579.)
  • Added one new root certificate for GlobalSign. (Refer to 6860447.)

Blacklist Entries
There are no new blacklist entries in this update release.

Bug Fixes
This release contains fixes for one or more security vulnerabilities. For more information, please see Sun Alerts 269868, 269869, 269870, 270474, 270475and 270476.

Bug fixes for vulnerabilities are listed in the following table.

  • java – classes_2d – ICC_Profile allows detecting if some files exist
  • java – classes_2d – TrueType font parsing crash when stressing Sun Bug 6751322 test case
  • java – classes_2d – X11 and Win32GraphicsDevice don’t clone arrays returned from getConfigurations()
  • java – classes_2d – JPEG JFIF Decoder issue
  • java – classes_2d – Image Color Profile parsing issue
  • java – classes_2d – JRE AWT setDifflCM vulnerable to Stack Overflow
  • java – classes_2d – JRE AWT setBytePixels vulnerable to Heap Overflow
  • java – classes_awt – Component and [Default]KeyboardFocusManager pass security sensitive objects to loggers
  • java – classes_lang – (cl) Resurrected ClassLoaders can still have children
  • java – classes_security – Disable MD2 in certificate chain validation
  • java – classes_security – SECURITY: MessageDigest.isEqual introduces timing attack vulnerabilities
  • java – classes_security – ASN.1/DER input stream parser needs more work
  • java – classes_sound – Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
  • java – classes_swing – Numerous static security flaws in Swing (findbugs)
  • java – classes_swing – Mutable statics in Windows PL&F (findbugs)
  • java – classes_util_i18n – (tz) TimeZone.getTimeZone allows probing local filesystem
  • java – imageio – DoS from parsing BMPs with UNC ICC links
  • java – imageio – JPEG Image Writer quantization problem
  • java – imageio – ImageI/O JPEG is vulnerable to Heap Overflow
  • java – install – java update malfunctioning
  • java_deployment – deployment_toolkit – Deployment Toolkit plugin “launch” method vulnerable to exploits
  • javawebstart – general – arbitrary code execution using java web start
  • javawebstart – other – REGRESSION:have problem to run JNLP app and applets with signed Jar files

Other bug fixes are listed in the following table.

  • hotspot – runtime_system – Update hotspot windows os_win32 for windows 2008 R2
  • java – classes_2d – RFE: Provide a way to control the printing dpi resolution from MSIE browser print. See also 6801859
  • java – classes_awt – pageDialog throws NPE from applet
  • java – classes_awt – Security warning may change Z-order of top-level
  • java – classes_lang – Windows Server 2008 R2 system recognition
  • java – classes_security – Add GlobalSign R3 Root certificate to the JDK
  • java – classes_security – Add SECOM Root CA 2 to JDK
  • java – classes_util_i18n – (tz) Support tzdata2009m
  • java – classes_util_logging – deadlock due to synchronized demandLogger() code that locks ServerLogManager
  • jaxp – parse – com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl failing to parse xml document

Version number 6.0 update 17
Release status Final
Operating systems Windows 7, Windows 2000, Linux, Windows XP, Linux x86, Solaris, Windows Server 2003, Windows XP x64, Windows Server 2003 x64, Linux AMD64, Windows Vista, Windows Vista x64, Windows Server 2008
Website sun
Download
License type Conditions (GNU/BSD/etc.)
You might also like
News

Apple will come up with big announcements in the coming weeks: these are them

Apps

Popular apps Pixelmator and Photomator are now from Apple

News

MacBook Air with M4 chip seems closer than ever

News

MacOS Sequoia 15.3.1 is out: what’s new for your Mac?

News

iOS 18.3.1 is out (and this is why you have to update)

Apps

Apple launches invitations app (and that is reason for a party)