# oracle java 7 update 7

## casualx

hi there

we need immediatley a java portage update so we can update to java version 7 update 7.

the blackhole exploit is going to be a big problem. 

by the way...its now discovered that oracle knew about several exploits before and they want wait before october to close them all...

----------

## cach0rr0

I just synced, and it appears that it should be in portage now

```

[>]   == dev-java/oracle-jdk-bin ((~)1.7.0.6(1.7)^fs -> (~)1.7.0.7(1.7)^fs): Oracle's Java SE Development Kit

[U]   == dev-java/oracle-jre-bin (1.7.0.6(1.7)@08/23/12; (~)1.7.0.6(1.7)^fs -> (~)1.7.0.7(1.7)^fs): Oracle's Java SE Runtime Environment

[>]   == dev-java/sun-jdk ((~)1.6.0.34(1.6)^fs -> (~)1.6.0.35(1.6)^fs): Oracle's Java SE Development Kit

```

of course, i had already done this the manual way, and cp'd the 1.7.0.6 ebuild to just bump its version to 1.7.0.7 - realized after i did that that I'd sync again and check (id been syncing regularly the last 2 or 3 days to see if this update had been added, and it had not, but it is there as of right now!)

----------

## ackle

New Oracle Java packages are currently being stabilized [1] and new IcedTea packages are in the works [2].

However, it looks like another vulnerability [3] allowing a remote attacker to escape Java's sandbox and execute arbitrary code may be in the updated versions just released by Oracle.

[1] https://bugs.gentoo.org/433094

[2] https://bugs.gentoo.org/433389

[3] http://seclists.org/fulldisclosure/2012/Aug/388

----------

## casualx

thx a lot

----------

