IBM SDK for Java Version 1.4.2: Current news

News


Abstract

Support information for IBM SDK for Java Version 1.4.2 that is not available in the user documentation.

Content

The documentation to support IBM SDK for Java Version 1.4.2 is available in an IBM Information Center. Supplementary information is available for the following service refresh levels:


For information about security fixes, see Security Alerts.
For information about IBM fixes, see IBM fixes for Java 1.4.2

For information about the daylight saving time changes included in fix pack levels, see Olson time zone updates in the IBM SDK for Java. Later updates can by applied using the IBM Time Zone Update Utility for Java (JTZU).




Java 1.4.2 service refresh 13 fix pack 18

Unexpected XSLT error on extension elements or extension functions when Java security is enabled

Any attempt to use extension elements or extension functions when Java security is enabled, results in a javax.xml.transform.TransformerException error during XSLT processing. This change in behavior is introduced to enhance security.

The following XSLT message is generated when extension functions are used:
Use of the extension function '<method name>' is not allowed when Java security is enabled. To override this, set the  com.ibm.xtq.processor.overrideSecureProcessing property to true. This override only affects XSLT processing.

The following XSLT message is generated when extension elements are used:
Use of the extension element '<element name>' is not allowed when Java security is enabled. To override this, set the com.ibm.xtq.processor.overrideSecureProcessing property to true. This override only affects XSLT processing.

To allow extensions when Java security is enabled, set the com.ibm.xtq.processor.overrideSecureProcessing system property to true.

Go back to top



Java 1.4.2 service refresh 13 fix pack 17

This fix pack contains a security fix for the Oracle security vulnerability, CVE-2013-0169, which affects Transport Layer Services (TLS) 1.1 and 1.2.

Go back to top



Java 1.4.2 service refresh 13 fix pack 12

The following significant change is included with fix pack 12:

KeyboardFocusManager implementation
This change relates to Oracle security vulnerability CVE-2012-0502.
The KeyboardFocusManager specification explicitly allows a single, global KeyboardFocusManager for all applets. Some public methods are unsafe for such implementations.
As a result of the fix, the following methods now throw a java.lang.SecurityException if they are invoked on a java.awt.KeyboardFocusManager that is not the current java.awt.KeyboardFocusManager for the calling thread's context:
  • java.awt.KeyboardFocusManager.setGlobalFocusOwner(Component focusOwner)
  • java.awt.KeyboardFocusManager.clearGlobalFocusOwner()
  • java.awt.KeyboardFocusManager.setGlobalPermanentFocusOwner(Component permanentFocusOwner)
  • java.awt.KeyboardFocusManager.setGlobalFocusedWindow(Window focusedWindow)
  • java.awt.KeyboardFocusManager.setGlobalActiveWindow(Window activeWindow)
  • java.awt.KeyboardFocusManager.setGlobalCurrentFocusCycleRoot(Container newFocusCycleRoot)

Go back to top



IBM SDK for Java 1.4.2 service refresh 13

The following command-line option is available:

JVM command-line option: -Xloaminimum
You can use the following command-line option to manage the size of the large object area:
-Xloaminimum<percentage>
  • Specifies the minimum percentage (between 0 and 0.95) of the current tenure space allocated to the large object area (LOA). The LOA does not shrink below this value. The default value is 0, which is 0%.

Go back to top

Rate this page:

(0 users)Average rating

Document information


More support for:

Runtimes for Java Technology
Java SDK

Software version:

1.4.2

Operating system(s):

AIX, Linux, Linux zSeries, Windows, z/OS

Software edition:

Java SE

Reference #:

1592330

Modified date:

2013-07-08

Translate my page

Machine Translation

Content navigation