This content has been marked as final. Show 2 replies
I totally support that. Java RE is under fire, this is something that keep us thinking to move away from Oracle. It's totally unacceptable that Oracle lets this critical bug open for so long. All JRE around the world are vulnerable.
Note that oracle has released the jre 7u11 to patch the version 7 problems:
BTW I don't think the vendor took very long to fix this particular bug, it's just that there is a succession of them that has unfortunately greatly weakened the credibility of the 7 lineage. If only we could get some control over some aspects of this! Running forms as applets in browsers has too many points of failure. The browser can at any time suddenly decide to block or partly block launching applets, like mozilla click blocking 6u38 just because maybe the version 7 bug was more widespread as they said here:
"Why are you blocking the jre 6u38? I thought only 7 was vulnerable to these problems."
"We are being extra cautious to ensure all users are protected in the event the scope of the vulnerability is larger than the initial reports have indicated. We are erring on the side of caution."
Most browsers now autoupdate on their own so there is no telling what they may decide to do at any time. Mozilla has consistently for months refused to recognize the jre 6 lineage as valid and tries to get the users to upgrade to 7 which doesn't work with our forms due to the vendor having changed the vendor name in the jre.
As you can see here Mozilla will not recognize 6u38 as a valid version of java and it has not even hit the end of life yet:
After february 2013 I fear firefox will totally block the jre 6 even if we keep getting up updated via oracle support. I don't know any browser that will accept more than one jre plugin at a time so it's not possible to run jre 6 requiring applets and jre 7 requiring applets. One would wish the vendor was working with the browser providers and solving some of these problems!
Edited by: lake on Jan 14, 2013 8:51 AM