Sun’s invisible flaws

Maybe I just don’t know where to find these things, but I really shouldn’t have to poke around. Reports come through (like this one from TechRepublic) that Sun has released a new update to the JRE to patch critical flaws. So, ok, I go to see what other detail is given on the Sun site. My mistake, I go first to java.sun.com, can’t find anything. Go to www.sun.com and eventually find under the support link something that leads me to their adivisory here, here and here. But I have to search through lists of patches, and if I’d come here a week later would I have spotted it?!

The resolution to all three vulnerabilities is to update to JRE Update 4 or greater. The advisory contains a link to download. The latest JRE is Update 6. Perhaps the release notes may contain some information about the flaws fixed. The release notes are Update 5 release notes! What else has been changed in Update 6? Should I just roll it? Should I roll an earlier update so I know what’s in it? What a pile of…!

Sun, you need to sort this out. And while you’re about it, how about providing patches for the JRE instead of full reinstalls. I have 9000 clients to roll this to, and of course I have a software distribution system, but I’d rather patch the JRE than remove and install.

Advertisements

3 responses to “Sun’s invisible flaws

  1. Yep,the sun’s way to deal with this kind of thing is rough.

    And you mentioned that you “…have 9000 clients to roll this to…”,my question is that do you organise your system in C/S structure and each client has to install the JRE ?

    May brower/server structure work better.

  2. Our workstations are scattered over multiple sites with different connectivity and are almost all portables. Distribution from a central point would mean an unacceptable level of risk to the WAN during the initial rollout. Our electronic software distribution tool takes care of these issues.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s