This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Java in General and the fly likes Security Issues in JRE1.5.0_05  Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Security Issues in JRE1.5.0_05  " Watch "Security Issues in JRE1.5.0_05  " New topic
Author

Security Issues in JRE1.5.0_05

banu bala banu bala
Greenhorn

Joined: Sep 07, 2005
Posts: 1
We have a webstart application that runs on JRE1.5.0_05. It is a very heavy swing app. Since it has been extensively tested for many man months on that version, upgrading JRE is a very expensive solution.
Will a private version of that JRE have the same security issues as a public/installed JRE version?
Is there any other workaround other than upgrading?

Issues are like "Java Plug-in and Java Web Start May Allow Applets and Applications to Run With Unpatched JRE" are what we are looking to avoid.
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41124
    
  45
Welcome to JavaRanch.

Will a private version of that JRE have the same security issues as a public/installed JRE version?

I'm not sure what you mean by publiv vs. private JRE, but a JRE is a JRE, no matter how it's installed, so all security issues will apply.

You would only need to worry about that particular bug if the code you downloaded wasn't trusted. But I gather that you/your company don't specify the use of an earlier, possibly buggy, JRE, so as long as your customers/users trust you, all is well.


Ping & DNS - my free Android networking tools app
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Security Issues in JRE1.5.0_05
 
Similar Threads
Head First EJB: 1st tut error
how to run a jar file from the cmd prompt using a specific jre version
TimeZone and Daylight Savings Time 2007
Java Cryptography Problem in 1.2
security and other aspects