Solved

Oracle cpuapr2014-1972952.html

Posted on 2014-04-19
6
880 Views
Last Modified: 2014-04-22
Q1:
Is Java SE & JRE the same?


Q2:
www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
is the above applicable to the products below:
Java 7 Update 17 (7.0.170); Update 21 (7.0.210)      
Java 7 Update 7 (7.0.70); Update 9 (7.0.90); Update 9 (7.0.90)
Java Auto Updater      2.0.6.1, 2.0.7.1, 2.1.5.3, 2.1.9.0
Java JRE 7
Java SE Development Kit 7 Update 21 (1.7.0.210);  7 Update 7 (1.7.0.70)
Java(TM) 6 Update 14 (6.0.140);  Update 16 (6.0.160)
Java(TM) 6 Update 31 (6.0.310); Update 33 (6.0.330); Update 34 (6.0.340)
Java(TM) 7 (7.0.0); Update 2 (7.0.20)
Java(TM) SE Development Kit 6 Update 33      
Java(TM) SE Development Kit 6 Update 34      1.6.0.340
MySQL Connector/ODBC 5.1      5.1.11
Oracle Standard One 11.2.0.2
0
Comment
Question by:sunhux
6 Comments
 
LVL 16

Assisted Solution

by:Wasim Akram Shaik
Wasim Akram Shaik earned 150 total points
ID: 40011121
Is Java SE & JRE the same?

Definitely No.

As the name suggests One is Standard Edition(SE) and other is Runtime Edition(JRE)
Standard Edition is a place where you can actually code your functionality and debug your code and implement new things using the standards and in-built classes.

Runtime edition is a place where you can actually see the result of the above steps what you have coded and what you have developed

Basically if you can think of Cause and Effect . the former(SE) is the cause and RE is the effect.

more info can be obtained from Oracle's official site

http://www.java.com/en/download/faq/techinfo.xml

For Q2:

its a broad question, it depends on the functionality you use and the effect of any upgrades may have an impact on your functionality which is already running, you need to assess the patch set for individual components, it cannot be a generic answer
0
 
LVL 86

Accepted Solution

by:
CEHJ earned 200 total points
ID: 40011237
Is Java SE & JRE the same?

Yes. The naming is confusing but essentially, there are two (main) things: the development kit (JDK) and the runtime (JRE). Their purposes are distinct, but the former contains the latter, differing only in containing essential tools for the developer.  The Standard Edition does NOT commonly mean the JDK, it means the current standard (no server side classes like Servlet) runtime.

is the above applicable to the products below:
Anything that contains a runtime (see above) needs updates. The JRE is currently one of the worst malware vectors around and should be kept updated.

A further observation: although the JDK has a JRE in it, generally speaking, there will also be an independent JRE on the system too. This is really a convenience thing
0
 

Author Comment

by:sunhux
ID: 40011319
Thanks;  though that Oracle link indicates "Java SE" is the vulnerable product,
my colleague had assessed our servers with "JRE" to be vulnerable & with
the patch applicable, thus I asked this question.

Two clarifications I need from EE:
> MySQL Connector/ODBC 5.1      5.1.11
If the link indicates MySQL is applicable, does the above needs to be patched?

> Oracle Standard One 11.2.0.2
What's "Standard One"?  A DB or ODBC or in what way it's applicable to any
of the products listed in Oracle's link above?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 86

Expert Comment

by:CEHJ
ID: 40011376
I can't really tell you much about the other two i'm afraid
0
 
LVL 76

Assisted Solution

by:slightwv (䄆 Netminder)
slightwv (䄆 Netminder) earned 150 total points
ID: 40011836
>>What's "Standard One"?

It's a licensed version of Oracle Standard Edition:
http://docs.oracle.com/cd/E11882_01/license.112/e47877/editions.htm#DBLIC109

>>Oracle link indicates "Java SE" is the vulnerable product,

All the CPU means is there is a patch available for that product.  You'll need to read the release notes to see if that patch is for a vulnerability of just a bug fix.

For what it's worth:  Java is FAMOUS for vulnerabilities...  Any product that runs just about everywhere is always a target for hackers!
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 40015312
:)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
jar file executable 12 43
rhino JavaScript import, load 25 69
data lookup in Oracle - need suggestions 55 104
fibonacci ten numbers 4 30
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
This video shows how to copy an entire tablespace from one database to another database using Transportable Tablespace functionality.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now