cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1252
Views
0
Helpful
1
Replies
kviola1
Beginner

Java SE 7u25 update for LMS 4.2.3? Java vulnerabilities

CSIRC is requiring updates to JRE on all systems. Is it possible to update the java runtime environment beyond 1.6.0_31? Oracle announced (June 2013) and provides critical patches for the affected systems:

Applications Affected

  • JDK and JRE 7 Update 21 and prior
  • JDK and JRE 6 Update 45 and prior
  • JDK and JRE 5.0 Update 45 and prior
  • JavaFX 2.2.21 and prior

I am currently running LMS 4.2.3 on Solaris 10 and Windows 2008 systems. If I update the servers to JRE 7 (JRE 6u45 was the latest for version 6) will LMS still function without loss to its clients? Is there a workaround to eliminate the java vulnerabilities? If Java SE 7u25 will work, can someone provide installation guidance to avoid breaking the application?

1 REPLY 1
jgeralsky
Beginner

Hello,

here is Cisco answer:

Now the recommended Java version to be used on LMS 4.2.3 is Java Plug-in version 1.6.0_31 or higher (up to Java Plug-in version 1.6.0_45 )

Java  7 is not supported over LMS 4.2.3 ,  and it will cause topology services not to launch up correctly.

However Java  7 is planned to be used as part of LMS 4.2.4 which should be released on October.