<html>
<head>
<meta name="viewport" content="width=device-width" />
<base href="http://wiki.javaforum.hu" />
<style type="text/css">
body, #email-content, #email-content-inner { font-family: Arial,FreeSans,Helvetica,sans-serif; }
body, p, blockquote, pre, code, td, th, li, dt, dd { font-size: 13px; }
small { font-size: 11px; }
body { width:100% !important; -webkit-font-smoothing: antialiased; }
body,
#email-wrapper { background-color: #f0f0f0; }
#email-wrapper-inner { padding: 20px; text-align: center; }
#email-content-inner { background-color: #fff; border: 1px solid #bbb; color: $menuTxtColour; padding:20px; text-align:left; }
#email-wrapper-inner > table { width: 100%; }
#email-wrapper-inner.thin > table { margin: 0 auto; width: 50%; }
#email-footer { padding: 0 16px 32px 16px; margin: 0; }
.email-indent { margin: 8px 0 16px 0; }
.email-comment { margin: 0 0 0 56px; }
#email-title-avatar { text-align: left; vertical-align: top; width: 56px; }
#email-title-flavor { margin: 0; padding: 0 0 4px 0; }
#email-title-heading { font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0; }
#email-title .icon { border: 0; padding: 0 2px 0 0; text-align: left; }
#email-actions { border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; }
#email-actions td { padding-top: 8px; }
#email-actions .left { max-width: 45%; text-align: left; }
#email-actions .right { text-align: right; }
.email-reply-divider { border-top: 1px solid #bbb; color: #505050; margin: 32px 0 8px 0; padding: 8px 0; }
.email-section-title { border-bottom: 1px solid #bbb; margin: 8px 0; padding: 8px 0 0 0; }
.email-metadata { color: #505050; }
a { color: #326ca6; text-decoration: none; }
a:hover { color: #336ca6; text-decoration: underline; }
a:active {color: #326ca6; }
a.email-footer-link { color: #505050; font-size: 11px; }
.email-item-list { list-style: none; margin: 4px 0; padding-left: 0; }
.email-item-list li { list-style: none; margin: 0; padding: 4px 0; }
.email-list-divider { color: #505050; padding: 0 0.35em; }
.avatar { -ms-interpolation-mode: bicubic; }
.avatar-link { margin: 2px; }
.tableview th { border-bottom: 1px solid #69C; font-weight: bold; text-align: left; }
.tableview td { border-bottom: 1px solid #bbbbbb; text-align: left; padding: 4px 16px 4px 0; }
.aui-message { margin: 1em 0; padding: 8px; }
.aui-message.info { background-color: #e0f0ff; border: 1px solid #9eb6d4; }
.aui-message.success { background-color: #ddfade; border: 1px solid #93c49f; }
.aui-message.error,
.aui-message.removed { background-color: #ffe7e7; border: 1px solid #df9898; color: #000; }
.call-to-action-table { margin: 10px 1px 1px 1px;}
.call-to-action-container { text-align: right; padding: 5px 20px; border: 1px solid #326396; background-color: #6495C7; border-radius: 3px;}
.call-to-action-container a.call-to-action-button { background-color: #6495C7; font-size: 15pt; line-height: 1; padding: 0; margin: 0; color: #fff; }
@media handheld, only screen and (max-device-width: 480px) {
div, a, p, td, th, li, dt, dd { -webkit-text-size-adjust: auto; }
small, small a { -webkit-text-size-adjust: 90%; }
td[id=email-wrapper-inner] { padding: 2px !important; }
td[id=email-content-inner] { padding: 8px !important; }
td[id="email-wrapper-inner"][class="thin"] > table { text-align: left !important; width: 100% !important; }
td[id=email-footer] { padding: 8px 12px !important; }
div[class=email-indent] { margin: 8px 0px !important; }
div[class=email-comment] { margin: 0 !important; }
p[id=email-title-flavor] a { display: block; } /* puts the username and the action on separate lines */
p[id=email-permalink] { padding: 4px 0 0 0 !important; }
table[id=email-actions] td { padding-top: 0 !important; }
table[id=email-actions] td.right { text-align: right !important; }
table[id=email-actions] .email-list-item { display: block; margin: 1em 0 !important; word-wrap: normal !important; }
span[class=email-list-divider] { display: none; }
}
</style>
</head>
<body bgcolor="#f0f0f0" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0" style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; width: 100%; -webkit-font-smoothing: antialiased; background-color: #f0f0f0">
<table id="email-wrapper" width="100%" cellspacing="0" cellpadding="0" border="0" style="background-color: #f0f0f0">
<tbody>
<tr valign="middle">
<td id="email-wrapper-inner" style="font-size: 13px; padding: 20px; text-align: center">
<table id="email-content" cellspacing="0" cellpadding="0" border="0" style="font-family: Arial, FreeSans, Helvetica, sans-serif; width: 100%">
<tbody>
<tr valign="top">
<td id="email-content-inner" align="left" style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; background-color: #fff; border: 1px solid #bbb; padding: 20px; text-align: left">
<table id="email-title" cellpadding="0" cellspacing="0" border="0" width="100%">
<tbody>
<tr>
<td id="email-title-avatar" rowspan="2" style="font-size: 13px; text-align: left; vertical-align: top; width: 56px"> <img class="avatar" src="cid:avatar_d7177d5506ab05ef431ea35647b597a3" border="0" height="48" width="48" style="-ms-interpolation-mode: bicubic" /> </td>
<td valign="top" style="font-size: 13px">
<div id="email-title-flavor" class="email-metadata" style="margin: 0; padding: 0 0 4px 0; color: #505050">
<a href="http://wiki.javaforum.hu/display/~auth.gabor" style="color:#326ca6;text-decoration:none;; color: #326ca6; text-decoration: none">Auth Gábor</a> wrote a blog post:
</div> </td>
</tr>
<tr>
<td valign="top" style="font-size: 13px"> <h2 id="email-title-heading" style="font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0"> <a href="http://wiki.javaforum.hu/pages/viewpage.action?pageId=28442806" style="color: #326ca6; text-decoration: none"> <img class="icon" src="cid:blogpost-icon" alt="" style="border: 0; padding: 0 2px 0 0; text-align: left" /> <strong style="font-size:16px;line-height:20px;vertical-align:top;">További Java 7 biztonsági hibák</strong> </a> </h2> </td>
</tr>
</tbody>
</table>
<div class="email-indent" style="margin: 8px 0 16px 0">
<div class="email-page">
<p style="font-size: 13px">A jelenleg javított sebezhetőséget felfedező és Oracle számára jelző Adam Gowdiak (Security Explorations) a Computerworld/IDG megkeresésére megemlítette, hogy a most kiadott Java 7 update 7 se ad okot a nyugalomra, mivel átgondolták a helyzetet és találtak egy újabb lehetséges <em>sandbox</em> gyengeséget, amely szintén kihasználható lehet:</p>
<blockquote style="font-size: 13px">
<p style="font-size: 13px">"Once we found that our complete Java sandbox bypass codes stopped working after the update was applied, we looked again at POC codes and started to think about the possible ways of how to fully break the latest Java update again," Gowdiak said. "A new idea came, it was verified and it turned out that this was it."</p>
<p style="font-size: 13px">(forrás: <a href="http://www.arnnet.com.au/article/435241/researchers_find_critical_vulnerability_java_7_patch_hours_after_release/" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.arnnet.com.au/article/435241/researchers_find_critical_vulnerability_java_7_patch_hours_after_release/</a>)</p>
</blockquote>
<p style="font-size: 13px">A Gowdiak azt javasolja, hogy próbáljunk meg visszatérni a Java 6 kiadásra, amely biztonsági szempontból mégis csak jobb lehet, illetve távolítsuk el a Java futtató környezetet (JRE/JDK), ha arra nincs kifejezetten szükségünk:</p>
<blockquote style="font-size: 13px">
<p class="storybody" style="font-size: 13px">Based on the experience of Security Explorations researchers with hunting for Java vulnerabilities so far, Java 6 has better security than Java 7. "Java 7 was surprisingly much easier for us to break," Gowdiak said. "For Java 6, we didn't manage to achieve a full sandbox compromise, except for the issue discovered in Apple Quicktime for Java software."</p>
<p class="storybody" style="font-size: 13px">Gowdiak has echoed what many security researchers have said before: If you don't need Java, uninstall it from your system.</p>
<p class="storybody" style="font-size: 13px">(forrás: <a href="http://www.arnnet.com.au/article/435241/researchers_find_critical_vulnerability_java_7_patch_hours_after_release/" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.arnnet.com.au/article/435241/researchers_find_critical_vulnerability_java_7_patch_hours_after_release/</a>)</p>
</blockquote>
<p style="font-size: 13px">Mivel a hibák elsősorban a <em>sandbox</em> mechanizmust érintik, megfelelő védelem lehet a Java plugin alapértelmezett kikapcsolása, amelyet csak a szükséges esetekben kapcsolunk vissza.</p>
<hr />
<p style="font-size: 13px">
<style type="text/css">
.rater {
color: #949494;
font-size: 11px;
margin: 4px 4px;
overflow: auto;
}
.rater td {
vertical-align: middle;
padding-top: 6px;
}
.rater .images {
padding-top: 3px;
}
.rater .links {
cursor: pointer;
}
.rater .disabled a {
cursor: default;
}
.rater img {
height: 18px;
width: 15px;
}
.rater .wait img {
height: 18px;
width: 20px;
background: transparent url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/loading_mini.gif) no-repeat scroll center left;
}
.rater a img {
border-style: none;
}
.results.caption {
padding-left: 8px;
}
.rater .right-space {
padding-right: 8px;
}
/* sprites */
.rater img { background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; }
.rater a.out img { background-position: 0 -275px; }
.rater a.over img, .rater img.over { background-position: 0 -226px; }
.rater a.off img, .rater img.off { background-position: 0 -128px; }
.rater a.on img, .rater img.on { background-position: 0 -177px; }
.rater img.half { background-position: 0 -79px; }
</style> <img width="0px" height="0px" src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/loading_mini.gif" /> <img width="0px" height="0px" src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif" /> </p>
<!-- only output the .vote td's if they CAN vote, but have NOT yet voted -->
<!-- obviously change the URL's on the a tags to reflect the various choices -->
<!-- only output the .wait td's if they CAN vote, but haven't already voted -->
<!-- always output .results td's - the classes (on, half and off) depict the current avg. rating -->
<!--td> <a id="activatePlusone-28442806" href="#"
onClick="gapi.plusone.render('plusone-div-28442806');document.getElementById('activatePlusone-28442806').style.display='none';">Activate the +1 button</a>
<div id="plusone-div-28442806"></div>
</td-->
<table class="rater ceoId-28442806" style="color: #949494; font-size: 11px; margin: 4px 4px; overflow: auto">
<tbody>
<tr>
<!-- only output the .vote td's if they CAN vote, but have NOT yet voted -->
<td class="vote caption" style="font-size: 13px; vertical-align: middle; padding-top: 6px">Your Rating:</td>
<td class="vote thanks" style="display:none;; font-size: 13px; vertical-align: middle; padding-top: 6px">Thanks for voting!</td>
<!-- obviously change the URL's on the a tags to reflect the various choices -->
<td class="vote links images right-space" style="font-size: 13px; vertical-align: middle; padding-top: 6px; padding-top: 3px; cursor: pointer; padding-right: 8px"> <a class="out" href="/plugins/rate/rating.action?decorator=none&displayFilter.includeCookies=true&displayFilter.includeUsers=true&ceoId=28442806&rating=1&redirect=true" alt="Pathetic" title="Pathetic" style="color: #326ca6; text-decoration: none"><img src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" style="height: 18px; width: 15px; border-style: none; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -275px" /></a><a class="out" href="/plugins/rate/rating.action?decorator=none&displayFilter.includeCookies=true&displayFilter.includeUsers=true&ceoId=28442806&rating=2&redirect=true" alt="Bad" title="Bad" style="color: #326ca6; text-decoration: none"><img src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" style="height: 18px; width: 15px; border-style: none; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -275px" /></a><a class="out" href="/plugins/rate/rating.action?decorator=none&displayFilter.includeCookies=true&displayFilter.includeUsers=true&ceoId=28442806&rating=3&redirect=true" alt="OK" title="OK" style="color: #326ca6; text-decoration: none"><img src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" style="height: 18px; width: 15px; border-style: none; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -275px" /></a><a class="out" href="/plugins/rate/rating.action?decorator=none&displayFilter.includeCookies=true&displayFilter.includeUsers=true&ceoId=28442806&rating=4&redirect=true" alt="Good" title="Good" style="color: #326ca6; text-decoration: none"><img src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" style="height: 18px; width: 15px; border-style: none; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -275px" /></a><a class="out" href="/plugins/rate/rating.action?decorator=none&displayFilter.includeCookies=true&displayFilter.includeUsers=true&ceoId=28442806&rating=5&redirect=true" alt="Outstanding!" title="Outstanding!" style="color: #326ca6; text-decoration: none"><img src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" style="height: 18px; width: 15px; border-style: none; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -275px" /></a> </td>
<!-- only output the .wait td's if they CAN vote, but haven't already voted -->
<td class="wait images" style="display:none;; font-size: 13px; vertical-align: middle; padding-top: 6px; padding-top: 3px"><img src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" alt="Please Wait" title="Please Wait" style="height: 18px; width: 15px; height: 18px; width: 20px; background: transparent url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/loading_mini.gif) no-repeat scroll center left; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left" /></td>
<td class="wait text right-space" style="display:none;; font-size: 13px; vertical-align: middle; padding-top: 6px; padding-right: 8px">Please Wait</td>
<!-- always output .results td's - the classes (on, half and off) depict the current avg. rating -->
<td class="results caption border" style="font-size: 13px; vertical-align: middle; padding-top: 6px; padding-left: 8px">Results:</td>
<td class="results images" style="font-size: 13px; vertical-align: middle; padding-top: 6px; padding-top: 3px"> <img class="off" src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" alt="Pathetic" title="Pathetic" style="height: 18px; width: 15px; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -128px" /><img class="off" src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" alt="Bad" title="Bad" style="height: 18px; width: 15px; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -128px" /><img class="off" src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" alt="OK" title="OK" style="height: 18px; width: 15px; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -128px" /><img class="off" src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" alt="Good" title="Good" style="height: 18px; width: 15px; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -128px" /><img class="off" src="/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/blank.gif" alt="Outstanding!" title="Outstanding!" style="height: 18px; width: 15px; background: url(/download/resources/com.adaptavist.confluence.rate:rate/resources/themes/v2/gfx/rater.gif) no-repeat top left; background-position: 0 -128px" /> </td>
<td class="results value" style="font-size: 13px; vertical-align: middle; padding-top: 6px">0</td>
<td class="results ratings" style="font-size: 13px; vertical-align: middle; padding-top: 6px">rates</td>
<!--td> <a id="activatePlusone-28442806" href="#"
onClick="gapi.plusone.render('plusone-div-28442806');document.getElementById('activatePlusone-28442806').style.display='none';">Activate the +1 button</a>
<div id="plusone-div-28442806"></div>
</td-->
<td class="results" style="font-size: 13px; vertical-align: middle; padding-top: 6px"> </td>
<td style="font-size: 13px; vertical-align: middle; padding-top: 6px">
<g:plusone></g:plusone></td>
<td class="results" style="font-size: 13px; vertical-align: middle; padding-top: 6px"> </td>
<td style="font-size: 13px; vertical-align: middle; padding-top: 6px">
<div class="fb-like" data-send="true" data-layout="button_count" data-width="450" data-show-faces="true"></div></td>
</tr>
</tbody>
</table>
<p style="font-size: 13px"></p>
<p style="font-size: 13px"> </p>
<div class="bv_viewtracker">
<span class="bv_viewracker_span bv_viewtracker_closed"> Page viewed 1 times by 1 users since Aug 31, 2012 </span>
</div>
<div class="bv_viewtracker_visits" style="display:none;">
<table class="bv_viewtracker_table tableview attachments">
<tbody>
<tr class="bv_viewtracker_header">
<th class="bv_viewtracker_header_name" style="font-size: 13px; border-bottom: 1px solid #69c; font-weight: bold; text-align: left">Name</th>
<th class="bv_viewtracker_header_lastviewed" style="font-size: 13px; border-bottom: 1px solid #69c; font-weight: bold; text-align: left">Last viewed</th>
<th class="bv_viewtracker_header_timesviewed" style="font-size: 13px; border-bottom: 1px solid #69c; font-weight: bold; text-align: left">Times viewed</th>
</tr>
<tr class="bv_viewtracker_body">
<td class="bv_viewtracker_body_name" style="font-size: 13px; border-bottom: 1px solid #bbb; text-align: left; padding: 4px 16px 4px 0"> <a href="/display/~javalist" class="url fn confluence-userlink" data-username="javalist" style="color: #326ca6; text-decoration: none">Javaforum List</a><br /> </td>
<td class="bv_viewtracker_body_lastviewed" style="font-size: 13px; border-bottom: 1px solid #bbb; text-align: left; padding: 4px 16px 4px 0">Aug 31, 2012 21:54</td>
<td class="bv_viewtracker_body_timesviewed" style="font-size: 13px; border-bottom: 1px solid #bbb; text-align: left; padding: 4px 16px 4px 0">1</td>
</tr>
</tbody>
</table>
</div>
<p style="font-size: 13px"></p>
<p style="font-size: 13px"> </p>
</div>
</div>
<table id="email-actions" class="email-metadata" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; color: #505050">
<tbody>
<tr>
<td class="left" valign="top" style="font-size: 13px; padding-top: 8px; max-width: 45%; text-align: left"> <span class="email-list-item"><a href="http://wiki.javaforum.hu/pages/viewpage.action?pageId=28442806" style="color: #326ca6; text-decoration: none">View Online</a> </span> </td>
<td class="right" width="50%" valign="top" style="font-size: 13px; padding-top: 8px; text-align: right"> <span class="email-list-item"><a href="http://wiki.javaforum.hu/users/editmyemailsettings.action" style="color: #326ca6; text-decoration: none">Manage Notifications</a> </span> <span class="email-list-divider" style="color: #505050; padding: 0 0.350em">·</span> <span class="email-list-item"><a href="http://wiki.javaforum.hu/users/viewmyemailsettings.action" style="color: #326ca6; text-decoration: none">Unsubscribe from all blog posts</a> </span> </td>
</tr>
</tbody>
</table> </td>
</tr>
</tbody>
</table></td>
</tr>
<tr>
<td id="email-footer" align="center" style="font-size: 13px; padding: 0 16px 32px 16px; margin: 0"> <small style="font-size: 11px"> This message was sent by <a class="email-footer-link" style="color:#505050;font-size:11px;text-decoration:none;; color: #326ca6; text-decoration: none; color: #505050; font-size: 11px" href="http://www.atlassian.com/software/confluence">Atlassian Confluence</a> 4.2.5, the <a class="email-footer-link" style="color:#505050;font-size:11px;text-decoration:none;; color: #326ca6; text-decoration: none; color: #505050; font-size: 11px" href="http://www.atlassian.com/software/confluence/tour/enterprise-wiki.jsp">Enterprise Wiki</a> </small> </td>
</tr>
</tbody>
</table>
</body>
</html>