Google Site Search


Wednesday, February 9, 2011

JBoss users upgrade to Oracle/Sun JVM JDK 1.6 Update 23 and apply FP Updater Tool

A serious vulnerability in the JVM was identified via CVE and has been handled by Oracle/Sun. Please see the following article for more details:

This is an issue that affects all Java applications that may be performing Double-String operations.

In summary, JBoss AS users should try to upgrade to JDK 1.6 Update 23 and use the Floating Point Updater Tool from here.

JDK/JRE6 Update 24 (forthcoming) will fix the issue. Until then please run the updater tool.

Reference Page for JBoss AS Security Vulnerabilities:

Additional information is available from Oracle Blog Post.


1 comment:

Unknown said...

should update to jdk1.6 update 24, the 23 is affected.