-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-06-28-2 Java for Mac OS X 10.5 Update 10 Java for Mac OS X 10.5 Update 10 is now available and addresses the following: Java Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8 Impact: Multiple vulnerabilities in Java 1.6.0_24 Description: Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26. Further information is available via the Java website at http://java.sun.com/javase/6/webnotes/ReleaseNotes.html CVE-ID CVE-2011-0802 CVE-2011-0814 CVE-2011-0862 CVE-2011-0863 CVE-2011-0864 CVE-2011-0865 CVE-2011-0867 CVE-2011-0868 CVE-2011-0869 CVE-2011-0871 CVE-2011-0873 Java Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8 Impact: Multiple vulnerabilities in Java 1.5.0_28 Description: Multiple vulnerabilities exist in Java 1.5.0_28, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.5.0_30. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/documentation/overview-137139.html CVE-ID CVE-2011-0802 CVE-2011-0814 CVE-2011-0862 CVE-2011-0864 CVE-2011-0865 CVE-2011-0867 CVE-2011-0871 CVE-2011-0873 Java for Mac OS X 10.5 Update 10 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: JavaForMacOSX10.5Update10.dmg Its SHA-1 digest is: a4b5fd6d753d83b8798ce8482301647ffd19a629 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJOChxIAAoJEGnF2JsdZQeeNfsIAK8nsutClzYraD6mDmaj8ehj PjkSOm+5XGCGMCP+oykHu2mZPJgCJW6tnBffVSayj3qPomk1JT4djkmwP+iRgxLU cfTdwTpRfldhqm8+VND9GBRI6jjD1wGvVWSbai1z3HQ3UuQMosEOatMmIvE3rYtL jBtLU9dA0uVzSG9SiCBWMls+sme+Oy8n285MAQKKjbkiOgN/lhAA1W430lhuE0HG +ghDwUA6oWWJskV3irK7l4af6u7jrO9ga9Zqr9PJ5Md0lcKuVAwFSIZxDxiPDKUi 4p+wAqsRK9FsOrimw5+Y2FVdX20GYRbs2wk/hpcETU7NhlpXMpNeeOO4fdQAd+c= =u6A8 -----END PGP SIGNATURE-----