Otkriveno je i ispravljeno nekoliko nedostataka u JRE (eng. Java Runtime Environment) programskom paketu. Radi se o paketu koji predstavlja radno okruženje za programe pisane u programskom jeziku Java. Brojne nespecificirane pogreške su otkrivene u JRE, a najozbiljnije omogućavaju Java aplikacijama (eng. applet) pokretanje proizvoljnog programskog koda. Kako bi nedostatak bio iskorišten, potrebno je otvoriti web stranicu sa zlonamjerno oblikovanom Java aplikacijom. Korisnicima se savjetuje žurna primjena dostupne nadogradnje.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2011-03-08-1 Java for Mac OS X 10.6 Update 4

Java for Mac OS X 10.6 Update 4 is now available and addresses the
following:

Java
Available for:  Mac OS X v10.6.6, Mac OS X Server v10.6.6
Impact:  Multiple vulnerabilities in Java 1.6.0_22
Description:  Multiple vulnerabilities exist in Java 1.6.0_22, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues are addressed by updating to Java version 1.6.0_24.
Further information is available via the Java website at
http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
CVE-ID
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4476


Java for Mac OS X 10.6 Update 4 may be obtained from the Software
Update pane in System Preferences, or Apple's Software Downloads
web site: http://www.apple.com/support/downloads/

The download file is named: JavaForMacOSX10.6Update4.dmg
Its SHA-1 digest is: 513d5c5b62fb1257b8bf582c1c11e02e944fa808

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)

iQEcBAEBAgAGBQJNdnX4AAoJEGnF2JsdZQee15UIAIOQ/o/p52iNLJM4T2koZhRi
DnG49jI2v42vTRKU+d8l2AqlNVVVYFzMJ6SN3xbl1Rayu4y2wLzPR8KsVl64sQ03
9x61TE32fB1h7IMxAYHp0DDw6saHwMPOHhY1oOl6U47oXa3fRfOyjPu6PVV8XOCH
ECubIG8fDqxjpk3PIpOZLGS8St6S9yMO7o5o791t/ObeQ7afZ3z268XWiM+Cn/pS
lxCkDS494ke637Nx9gG/WQY63V1zbhmzKoCkYfDhZYiNq/0unQCviWT4SVDQ3doR
IP9zCeJOvFcVZiM4Rp69CoVRJLHOZ3/IKg+tVg3SIAGbzHnjs8pyaNNNuYw8+rw=
=HIdY
-----END PGP SIGNATURE-----
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/security-announce/lss.advisory%40gmail.com

This email sent to Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.