First published: Wed Mar 31 2010(Updated: )
The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and<br>the Sun Java 5 Software Development Kit.<br>The java-1.5.0-sun packages are vulnerable to a number of security flaws<br>and should no longer be used. (CVE-2009-3555, CVE-2010-0082, CVE-2010-0084,<br>CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091,<br>CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,<br>CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842,<br>CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847,<br>CVE-2010-0848, CVE-2010-0849)<br>The Sun Java SE Release family 5.0 reached its End of Service Life on<br>November 3, 2009. The RHSA-2009:1571 update provided the final publicly<br>available update of version 5.0 (Update 22). Users interested in continuing<br>to receive critical fixes for Sun Java SE 5.0 should contact Oracle:<br><a href="http://www.sun.com/software/javaforbusiness/index.jsp" target="_blank">http://www.sun.com/software/javaforbusiness/index.jsp</a> An alternative to Sun Java SE 5.0 is the Java 2 Technology Edition of the<br>IBM Developer Kit for Linux, which is available from the Extras and<br>Supplementary channels on the Red Hat Network.<br>Applications capable of using the Java 6 runtime can be migrated to Java 6<br>on: OpenJDK (java-1.6.0-openjdk), an open source JDK included in Red Hat<br>Enterprise Linux 5, since 5.3; the IBM JDK, java-1.6.0-ibm; or the Sun JDK,<br>java-1.6.0-sun.<br>This update removes the java-1.5.0-sun packages as they have reached their<br>End of Service Life.<br>
Affected Software | Affected Version | How to fix |
---|
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.