This forum is a discussion about improving the "How to allow Java on trusted sites" article. If you'd like to participate, please register.

If you need help with Firefox, please ask a question.

Need to update article based on release of Java 7 Update 11?

  • 2 Replies
  • Last reply by AliceWyman
  1. AliceWyman 5189 posts
    Report Abuse

    An "Update Java" section is needed at the beginning of the article, based on the release of Java 7 Update 11. Ref: https://blogs.oracle.com/java/entry/java_vulnerabilities_addressed

    An "Update Java" section is needed at the beginning of the article, based on the release of Java 7 Update 11. Ref: https://blogs.oracle.com/java/entry/java_vulnerabilities_addressed
  2. AliceWyman 5189 posts
    Report Abuse

    See also: Bug 829111 comment 32:


    alex_mayorga 2013-01-13 15:08:10 PST

    Oracle has released a fix[1], 7u11, but seems like this block is overreaching based on user comments[2] and still blocking when updated.

    Should this be reopened?

    1. https://blogs.oracle.com/security/entry/security_alert_for_cve_2013
    2. https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/comment-page-1/#comment-110981

    P.S. I looked at link #2 and the comments probably have to do with another bug introduced in Java 7 Update 10, which will be fixed in Java 7 Update 12. Ref:

    The Java 7 Update 11 release notes refer to bug 8005410 under Known Issues, Area: deploy Synopsis: Problems with Registration of Plugin on Systems with Stand-alone Version of JavaFX Installed

    See also: [https://bugzilla.mozilla.org/show_bug.cgi?id=829111#c32 Bug 829111 comment 32]: ----- alex_mayorga 2013-01-13 15:08:10 PST Oracle has released a fix[1], 7u11, but seems like this block is overreaching based on user comments[2] and still blocking when updated. Should this be reopened? # https://blogs.oracle.com/security/entry/security_alert_for_cve_2013 # https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/comment-page-1/#comment-110981 ----- P.S. I looked at link #2 and the comments probably have to do with another bug introduced in Java 7 Update 10, which will be fixed in Java 7 Update 12. Ref: * http://kb.mozillazine.org/Java#Uninstall_JavaFX * https://bugzilla.mozilla.org/show_bug.cgi?id=820759#c12 * http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8005410 The Java 7 Update 11 [http://www.oracle.com/technetwork/java/javase/7u11-relnotes-1896856.html release notes] refer to bug 8005410 under '''Known Issues''', Area: deploy Synopsis: Problems with Registration of Plugin on Systems with Stand-alone Version of JavaFX Installed
    Modified by AliceWyman on
  3. AliceWyman 5189 posts
    Report Abuse

    Never mind ... see https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/
    Quote:
    Update – January 18, 2013
    Mozilla is extending Click to Play for Java 7u11 due to reports of exploit code available for 7u11 and information that all elements of the original Java bug have not been fully addressed by Oracle in the 7u11 patch.

    Never mind ... see https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/ <br>Quote:<br> ''Update – January 18, 2013<br> Mozilla is extending Click to Play for Java 7u11 due to reports of exploit code available for 7u11 and information that all elements of the original Java bug have not been fully addressed by Oracle in the 7u11 patch.''