• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 952
  • Last Modified:

Oracle cpuapr2014-1972952.html

Q1:
Is Java SE & JRE the same?


Q2:
www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
is the above applicable to the products below:
Java 7 Update 17 (7.0.170); Update 21 (7.0.210)      
Java 7 Update 7 (7.0.70); Update 9 (7.0.90); Update 9 (7.0.90)
Java Auto Updater      2.0.6.1, 2.0.7.1, 2.1.5.3, 2.1.9.0
Java JRE 7
Java SE Development Kit 7 Update 21 (1.7.0.210);  7 Update 7 (1.7.0.70)
Java(TM) 6 Update 14 (6.0.140);  Update 16 (6.0.160)
Java(TM) 6 Update 31 (6.0.310); Update 33 (6.0.330); Update 34 (6.0.340)
Java(TM) 7 (7.0.0); Update 2 (7.0.20)
Java(TM) SE Development Kit 6 Update 33      
Java(TM) SE Development Kit 6 Update 34      1.6.0.340
MySQL Connector/ODBC 5.1      5.1.11
Oracle Standard One 11.2.0.2
0
sunhux
Asked:
sunhux
3 Solutions
 
Wasim Akram ShaikCommented:
Is Java SE & JRE the same?

Definitely No.

As the name suggests One is Standard Edition(SE) and other is Runtime Edition(JRE)
Standard Edition is a place where you can actually code your functionality and debug your code and implement new things using the standards and in-built classes.

Runtime edition is a place where you can actually see the result of the above steps what you have coded and what you have developed

Basically if you can think of Cause and Effect . the former(SE) is the cause and RE is the effect.

more info can be obtained from Oracle's official site

http://www.java.com/en/download/faq/techinfo.xml

For Q2:

its a broad question, it depends on the functionality you use and the effect of any upgrades may have an impact on your functionality which is already running, you need to assess the patch set for individual components, it cannot be a generic answer
0
 
CEHJCommented:
Is Java SE & JRE the same?

Yes. The naming is confusing but essentially, there are two (main) things: the development kit (JDK) and the runtime (JRE). Their purposes are distinct, but the former contains the latter, differing only in containing essential tools for the developer.  The Standard Edition does NOT commonly mean the JDK, it means the current standard (no server side classes like Servlet) runtime.

is the above applicable to the products below:
Anything that contains a runtime (see above) needs updates. The JRE is currently one of the worst malware vectors around and should be kept updated.

A further observation: although the JDK has a JRE in it, generally speaking, there will also be an independent JRE on the system too. This is really a convenience thing
0
 
sunhuxAuthor Commented:
Thanks;  though that Oracle link indicates "Java SE" is the vulnerable product,
my colleague had assessed our servers with "JRE" to be vulnerable & with
the patch applicable, thus I asked this question.

Two clarifications I need from EE:
> MySQL Connector/ODBC 5.1      5.1.11
If the link indicates MySQL is applicable, does the above needs to be patched?

> Oracle Standard One 11.2.0.2
What's "Standard One"?  A DB or ODBC or in what way it's applicable to any
of the products listed in Oracle's link above?
0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
CEHJCommented:
I can't really tell you much about the other two i'm afraid
0
 
slightwv (䄆 Netminder) Commented:
>>What's "Standard One"?

It's a licensed version of Oracle Standard Edition:
http://docs.oracle.com/cd/E11882_01/license.112/e47877/editions.htm#DBLIC109

>>Oracle link indicates "Java SE" is the vulnerable product,

All the CPU means is there is a patch available for that product.  You'll need to read the release notes to see if that patch is for a vulnerability of just a bug fix.

For what it's worth:  Java is FAMOUS for vulnerabilities...  Any product that runs just about everywhere is always a target for hackers!
0
 
CEHJCommented:
:)
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now