SDK/RTE 1.4.2.28 Release Notes
Table Of Contents
- Table of Contents
- Overview
- Features
- Installation
- Usage Documentation
- Removing support for unwanted architectures in the JRE
- Support for dynamic thread local storage (TLS)
- Signal Chaining Functionality
- Support for C++ applications built with -AA and -AP options (PA-RISC) only
- Using Java 2 JNI on HP-UX
- HotSpot JVM Options
- Garbage collectors: Parallel, Concurrent mark, and Sweep
- Allocating physical memory and swap in the Java heap
- Asian TrueType fonts and Asian locales
- Date/Time methods defaults
- Profiling
- Closing a socket when accept or read is pending (PA-RISC) - new patch information!
- Compatibility with previous releases
- Runtime Plug-In usage and configuration
- GC log-rotation support
- ThreadDumpPath support
- Additional HP and Oracle Java documentation
- Problem Fixes
- PA-RISC Known issues
- Recommend setting PTHREAD_SUSPEND_SYNC to 1 under certain conditions (HP-UX 11.31 (11i v3))
- shl_load HotSpot libjvm problem due to TLS (HP-UX 11.0 PA-RISC)
- 64-bit Support X/Motif (HP-UX 11.00 & 11.11 (11i v1) PA-RISC)
- 64-bit Support - System Call (HP-UX 11.00 PA-RISC)
- /dev/​poll Runtime Support (HP-UX 11.00 & 11.11 (11i v1) PA-RISC)
- HPjconfig Configuration Tool
- Compiler Safe Points (HP-UX 11.00 & 11.11 (11i v1) PA-RISC)
- Using Linker Option +noenvvar and +compat on HP Integrity and PA-64 Systems
- Running Java with setuid or setgid
- HP Integrity (Itanium) Known Issues
- Using pthread_suspend() under certain conditions on HP-UX 11.31 (11i v3)
- Initializing a JVM instance with JNI_CreateJavaVM or attaching to JVM with AttachCurrentThread()
- Using Linker Option +noenvvar and +compat on HP Integrity and PA-64 Systems
- Running Java with setuid or setgid
- Running Aries HP Integrity emulation on PA2.0
- Software Support
- Security fixes in the 1.4.2.28 release
Table 1 Security Fixes (continued)
NoteComponentCVE
See Note 8JSSECVE-2011-3389
See Note 1NetworkingCVE-2011-3552
See Note 22DCVE-2012-0499
See Note 1I18nCVE-2012-0503
See Note 1SerializationCVE-2012-0505
See Note 1AWTCVE-2012-0502
See Note 2SoundCVE-2011-3563
See Note 1CORBACVE-2012-0506
Note 1. Applies to client deployment of Java only. This vulnerability can be exploited
only through Untrusted Java Web Start applications and Untrusted Java applets.
(Untrusted Java Web Start applications and untrusted applets run in the Java sandbox
with limited privileges.)
Note 2. Applies to client and server deployment of Java. This vulnerability can be
exploited through Untrusted Java Web Start applications and Untrusted Java applets.
It can also be exploited by supplying data to APIs in the specified Component without
using untrusted Java Web Start applications or untrusted Java applets, such as through
a web service.
Note 3. Fix addresses multiple instances of this vulnerability. Applies to client and
server deployments of Java. This vulnerability can be exploited through Untrusted
Java Web Start applications and Untrusted Java applets. It can also be exploited by
supplying data to APIs in the specified Component without using untrusted Java Web
Start applications or untrusted Java applets, such as through a web service.
Note 4. Applies to client deployment of Java only. This vulnerability is applicable only
to systems using the Java Update (which is available only on the Windows platform).
Note 5. Applies to server deployment of Java. This vulnerability can only be exploited
by supplying data to APIs in the specified Component without using Untrusted Java
Web Start applications or Untrusted Java applets, such as through a web service.
Note 6. Applies to client deployment of Java only. This vulnerability can be exploited
only when a user runs a standalone application.
Note 7. Applies to RMI server deployments of Java.
Note 8. This is a vulnerability in the SSLv3/TLS 1.0 protocol. Exploitation of this
vulnerability requires a man-in-the-middle and the attacker needs to be able to inject
chosen plaintext.
Security fixes in the 1.4.2.28 release 27