What's New @Java.
- Jarsigner now encourages timestamping: The new jarsigner will encourage you to use a timestamp URL to avoid taking unexpected hits when a certificate expires.
- Default Socket Permissions: Applications that open listener ports, e.g. servers, will run into security issues now because Java limits which sockets you can bind to without modifying the security policy. A good tutorial on how to do this can be found at here.
- Clearing of Remembered Decisions: If you've accidentally selected incorrect or unnecessary security alerts, this release will now let you easily clear out our selections so you can always be sure you have only the settings you really want.
- JAXP Xalan DOM Implementation: Now when you have a Security Manager in your application, JAXP will always use the default DOM implementation. This should only affect those of you who have replaced the DOM implementation in your application.
For additional details on the release, you can read the full release notes here.
What you'll see from Genuitec.
Applet Security: For this pack update, SDC will now include support for the applet security issues. SDC now ships with web installation flows turned off by default to ensure users avoid receiving notifications that applets may be insecure. Users can easily turn applet support on by selecting the re-enable the option on the Access Policy page of the Admin Console.
Grab your Java here.
In an effort to keep you and your team up-to-date with the latest tools, Genuitec will now be making the Java packs available within a week of their release. Java packs, as well as the most current SDC downloads, will always be available at this link --
Edit: Pack downloads for Java are no longer downloadable.
Posted on Jan 23rd 2014