Ubuntu / Linux news and application reviews.

oracle java vulnerability

Oracle has released updates for Java 7: 7u13 and Java 6: 6u39, which come with a Critical Patch Update for 50 new security issues, of which 49 could be used to execute code remotely, without authentication.

The updates were scheduled for February 19th, but because of the vulnerabilities affecting Java Runtime Environment (JRE) in browsers, Oracle has decided to accelerate their release, specially since some browsers have automatically blocked the Java browser plugin because of these security issues.

Oracle Java PPA for Ubuntu and Debian: Besides the new Oracle JDK 6u39 and 7u13 updates which are now available in our Oracle Java PPA, I've also fixed the Oracle Java installer package (for all Java versions: 6, 7, and 8), thanks to Sergio Talens-Oliag, to allow local installations so if you place the JDK archive under /var/cache/oracle-jdk7-installer (replace jdk7 with jdk6 or jdk8 for Java 6 or 8), you can install Oracle Java without an Internet connection, useful for installing Oracle Java JDK on multiple machines or on machines without an Internet connection.


Ubuntu users can install / upgrade to the latest Oracle Java 7u13 or 6u39 using the instructions below:

- firstly add the WebUpd8 Oracle Java PPA:
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update

- then, to install or upgrade to Oracle Java 7u13, use the following command:
sudo apt-get install oracle-java7-installer

- or, to install / upgrade to the latest Oracle Java 6u39, use the following command:
sudo apt-get install oracle-java6-installer

For Debian, see:
Arch Linux users can install it via AUR: Oracle JDK6 | JDK7.

    image via zeeshan