Sun recently announced two new security response enhancements for Java
SE. They include our plans for the synchronized release of Java SE
security fixes, and advance customer notification of security updates.
These new features are designed to complement Sun's existing
Sun Alert notifications
as well as the built-in Java Auto Update tool for Microsoft Windows
users. Details are available here
The following is our first advance notification of security updates for Java SE.
On the week of October 1, 2007, Sun will be releasing security updates
with JDK and JRE 6 Update 3, JDK and JRE 5.0 Update 13, and SDK and JRE
1.4.2_16. This will be followed by the release of SDK and JRE 1.3.1_21
on the second week of October 2007.
This is Sun's first step towards the simultaneous release of security
fixes across all supported Java SE release families. Sun expects to
fully synchronize the release of security fixes across all supported
releases, including J2SE 1.3.1 in 2008. Note that J2SE 1.3.1 has
completed the Sun "End of Life" (EOL) process
and is only supported
for the Solaris Operating Environment and customers on Sun's Vintage