This release of Java 2 Standard Edition contains:
J2SE 1.4.2 for SCO UNIX is a full implementation of the Sun MicrosystemsTM Java 2 Platform - the technology and environment described in the SunTM specifications of the Java 2 Platform, Standard Edition, v. 1.4.2. (The _17 suffix on the version number indicates the patch level of the Sun J2SE that J2SE 1.4.2 for SCO UNIX corresponds to.)
J2SE 1.4.2_17
J2SE 1.4.2_17 for SCO UNIX is the latest and cumulative update to J2SE 1.4.2 and contains the latest fixes from Sun.Automatic update of the
/usr/java
and/usr/java2
symbolic links to the installation of this J2SE release has changed. Please see the "Installations Location and Multiple Java Versions" subsection of these J2SE 1.4.2_17 Release Notes and the "Multiple Java 2 SE Releases" section of this Getting Started document for complete details.J2SE 1.4.2_17 supercedes all previous releases of J2SE 1.4.2.
Sun Alert ID Description 233321 Two vulnerabilities in the Java Runtime Environment Virtual Machine may independently allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. 233322 A security vulnerability in the Java Runtime Environment (JRE) with the processing of XSLT transformations may allow an untrusted applet or application that is downloaded from a website to elevate its privileges. For example, an applet may read certain unauthorized URL resources (such as some files and web pages) or potentially execute arbitrary code. This vulnerability may also be exploited to create a Denial-of-Service (DoS) condition by causing the JRE to crash. 233323 A buffer overflow vulnerability in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet 233324 A vulnerability in the Java Plug-in may an untrusted applet to bypass same origin policy and leverage this flaw to execute local applications that are accessible to the user running the untrusted applet. 233326 A vulnerability in the Java Runtime Environment may allow JavaScript code that is downloaded by a browser to make connections to network services on the system that the browser runs on, through Java APIs. This may allow files (that are accessible through these network services) or vulnerabilities (that exist on these network services) which are not otherwise normally accessible to be accessed or exploited.
J2SE 1.4.2_16
J2SE 1.4.2_16 for SCO UNIX is the latest and cumulative update to J2SE 1.4.2 and contains the latest fixes from Sun.J2SE 1.4.2_16 supercedes all previous releases of J2SE 1.4.2.
J2SE 1.4.2_14e
The release of J2SE 1.4.2, update 14e, prepared for the OpenServer 6.0.0, Maintenance Pack 3, removes the javasoap package from the Java 1.4.2 component. Any pieces of the former javasoap package that are needed by Tomcat are now installed with Tomcat.
J2SE 1.4.2_14d
J2SE 1.4.2_14d for SCO UNIX is a re-release of the J2SE 1.4.2_14 for SCO UNIX containing several security fixes from Sun including the following announced alert.J2SE 1.4.2_14d supercedes all previous releases of J2SE 1.4.2.
Sun Alert ID Description 102934 A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. A second vulnerability may allow an untrusted applet or application to causes the Java Virtual Machine to hang.
J2SE 1.4.2_14c
J2SE 1.4.2_14c for SCO UNIX is a re-release of the J2SE 1.4.2_14 for SCO UNIX containing a fix for numeric keypad data entry with the keyboard Num Lock active.J2SE 1.4.2_14c supercedes all previous releases of J2SE 1.4.2.
J2SE 1.4.2_14b
J2SE 1.4.2_14b for SCO UNIX is a re-release of the J2SE 1.4.2_14 for SCO UNIX containing an urgent DST time zone fix from Sun.J2SE 1.4.2_14
- The introduction of the Olson TZ data, version 2005r or greater, may break backward compatibility for the Eastern, Hawaiian, and Mountain time zones, under certain circumstances. The Hawaiian TZ is only affected for historical data. Other American TZs such as PST and CST are not affected.
J2SE 1.4.2_14b supercedes the J2SE 1.4.2_14 release previously made available on the SCO Support web site.
J2SE 1.4.2_14 for SCO UNIX is the latest and cumulative update to J2SE 1.4.2 and contains the latest fixes from Sun and the following SCO specific fix:
- A JVM abort when the mouse wheel is used on a scrolled List widget has been resolved. Proper scrolling of the List widget requires an updated
[/udk]/usr/lib/libXm.so.1.3
scheduled for release in OSR 6.0.0 MP3, UW 7.1.4 MP4, and OSR 5.0.7 MP6.J2SE 1.4.2_14 supercedes the J2SE 1.4.2_13 release previously made available on the SCO Support web site.
J2SE 1.4.2_13
J2SE 1.4.2_13 for SCO UNIX, previously available from the SCO Support download site, contained the then latest fixes from Sun including DST timezone changes and security issue resolutions for the following announced issue as well as some yet to be announced issues. In addition, the CA Root Certificates file (cacerts) is now populated with the root certificates that we have recieved permission to distribute; see section "Distributed CA Certificates" for details
J2SE 1.4.2_13 superceded the J2SE 1.4.2_12 release previously made available on the SCO Support web site.
- A problem with embedded Java JVM initialization within a thread application has been corrected.
Sun Alert ID Description 102686 The JRE and Java Secure Socket Extension (JSSE) may verify incorrect RSA PKCS #1 v1.5 signatures if the RSA public key exponent is 3. This may allow applets or applications that are signed by forged signing certificates and websites with forged web server certificates to be verified as valid. For more information see:
http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
See the "Changes in This Release" section of the Release Notes for details on
the contents of earlier updates to J2SE 1.4.2
System Requirements and Supported Platforms
Supported SCO UNIX platforms:
urwfonts
[*]
urwfonts
[*]
J2SE 1.4.2 for SCO UNIX is not supported on older versions of the supported operating systems, such as SCO OpenServer Release 5.0.6 or UnixWare 7 Release 7.1.1, nor is it available for older operating systems, such as the SCO UnixWare 2 operating system.
J2SE 1.4.2 for SCO UNIX cannot be used with the older OSRcompat packages that were released together with older versions of UnixWare 7 and OpenServer.
For the most part the J2SE 1.4.2 is identical for all supported platforms, and everything in these release notes applies to all supported platforms unless otherwise noted.
[*] Package urwfonts
is available
as part of the UnixWare 7.1.3 and 7.1.4 and
OpenServer 5.0.7 media kits and is automatically installed as
part of Initial System Load if Java is installed. It is also available in
the UnixWare 7.1.3 Update Pack 4 media or in
the UnixWare and OpenServer Development Kit 7.1.3 or 7.1.4 and is
downloadable from this web page.
[**]
The required
runtime on OpenServer 5.0.7 are the libraries contained in the package set OSRcompat
version 8.0.2 provided in the SCO OpenServer Release 5.0.7
Maintenance Pack 3 as the "UDK Compatibility Libraries".
Approx. Size | |||
urwfonts |
3 MB | (URW)++ Free X11 Fonts | |
j2jre142 |
urwfonts
runtime (above) |
52 MB |
Runtime Support:
java , the Java virtual machine interpreter (JVM);
the "client" and "server" dynamic compilers;
Java Foundation Classes (JFC) & Swing Package; and
basic API libraries:
language support,
I/O,
AWT,
networking,
utilities,
images,
media,
math,
compression,
and
security.
Distributed applications and database access:
|
j2sdk142 |
j2jre142 | 24 MB |
Development Tools:
appletviewer , the Java Applet Viewer;
javac , the Java Compiler;
jdb , the command-line Java debugger;
javah , the C Header and Stub File Generator
for native methods;
javap , the Java Class File Disassembler;
javadoc , the JAVA API Documentation Generator;
jar , the Java Archive (JAR) tool;
and assorted other commands used in Java development;
class libraries used in Java development;
header files used in native code development.
Also Java demo applets and applications;
demos of Swing functionality;
Java Plug-in demos;
native method demos.
|
j2plg142 |
j2jre142 | 2.3 MB | Java 2 Plug-in for Mozilla browser, 1.2.1 through 1.7.x on UnixWare 7.1.4, OpenServer 5.0.7 and OpenServer 6.0.0. |
Note: Where one J2SE 1.4.2 package requires another J2SE 1.4.2 package, the version numbers of the packages must be the same. The Java 2 SDK package, version 1.4.2.1.17 requires the Java 2 Runtime, version 1.4.2.17.
/opt
.
J2SE 1.3.1 ==>Updates to each major version of J2SE install in the same base directory./opt/java2-1.3.1
J2SE 1.4.2 ==>/opt/java2-1.4.2
J2SE 5.0 ==>/opt/java2-1.5.0
Prior to the synchronized release of J2SE 1.3.1_22, 1.4.2_17 and 5.0 update 15,
the installation of the JRE piece for each of these major point releases
would automatically symbolicly link /usr/java
and
/usr/java2
to point to the "newly" installed JRE
directory.  
Starting with these synchronized J2SE releases, the symbolic links will
only be updated if the JRE being installed is a later J2SE version than
the current symbolic links.
For example, if prior to installation of J2SE 1.4.2_17, the symbolic links were:
Following the installation of J2SE 1.4.2_17, the links would be:/usr/java
==>/opt/java2-1.3.1
/usr/java2
==>/opt/java2-1.5.0
/usr/java
==>/opt/java2-1.4.2
/usr/java2
==>/opt/java2-1.5.0
Removal of the J2SE 1.4.7_17, will attempt to restore the pre-installation links, if and only if an executable /opt/java2-1.3.1/bin/java still exists on the system.
System administrators can and should readjust these symbolic links as needed by their specific system and software requirements.
Other software released by SCO for your SCO UNIX platform as well as third party applications that use Java, may require a specifc J2SE major version. That software may either reference the J2SE of interest through:
JAVA_HOME
that points to
/usr/java
or directly to the installation directory
/opt/java2-1.x.x
.
/usr/java/bin/command
or /opt/java2-1.x.x/bin/command
.
Caution: Before removing earlier/other major versions of J2SE on your system, be certain that other installed software does not require that version. For example, the Apache-Tomcat product released on UnixWare 7.1.4 and OpenServer 6.0.0 have been configured, tested and certified with J2SE 1.4.2. Removal of that JRE will result in Tomcat failing to start.
The J2SE 1.4.2 product is distributed as two separate installable Java packages plus a urwfonts
package, if needed.
pkgadd
datastream format.
File Package Version urwfonts.ds.Z urwfonts
2.0 j2jre142.ds.Z j2jre142
1.4.2.17 j2sdk142.ds j2sdk142
1.4.2.17 j2plg142.ds j2plg142
1.4.2.17
File Custom Package Custom Version UW Package UW Pkg. Version OSR5_Java2_JRE_142.VOLS.tar Java2_JRE_142 1.4.2Qa j2jre142
1.4.2.17 urwfonts
2.0 OSR5_Java2_SDK_142.VOLS.tar Java2_SDK_142 1.4.2Qa j2sdk142
1.4.2.17 OSR5_Java2_PLUGIN_142.VOLS.tar Java2_PLUGIN_142 1.4.2Qa j2plg142
1.4.2.17
File Custom Package Custom Version UW Package UW Pkg. Version OSR6_Java2_142.VOLS.tar j2se142 1.4.2Qa j2jre142
1.4.2.17 urwfonts
2.0Bo j2sdk142
1.4.2.17 j2plg142
1.4.2.17 javaxcomm
2.0
Change directory into the directory containing the downloaded package datastreams
cd <download-dir>
On UnixWare 7.1.4:
Install the J2SE 1.4.2 packages in the following order.
If the package datastreams have been downloaded in compressed format:zcat urwfonts.ds.Z | pkgadd -d -If the package datastreams have been uncompressed when downloaded with your browser:
zcat j2jre142.ds.Z | pkgadd -d -
pkgadd -d `pwd`/j2sdk142.ds
pkgadd -d `pwd`/j2plg142.ds
pkgadd -d `pwd`/urwfonts.ds
pkgadd -d `pwd`/j2jre142.ds
pkgadd -d `pwd`/j2sdk142.ds
pkgadd -d `pwd`/j2plg142.ds
On OpenServer 5.0.7, having downloaded the custom format files:
Make a subdirectory for each custom tar file that you downloaded.mkdir JRE SDK PLUGINUnwind each tar file into the corresponding subdirectory.cd JRE; tar -xf ../OSR5_Java2_JRE_142.VOLS.tarTo avoid possible compilications or problems installing a new release of J2SE 1.4.2 on your OpenServer 5.0.7 system, any previously installed J2SE 1.4.2 releases should be removed prior to installing this release. Because of packaging dependencies, the components should be removed in the following order:
cd ../SDK; tar -xf ../OSR5_Java2_SDK_142.VOLS.tar
cd ../PLUGIN; tar -xf ../OSR5_Java2_PLUGIN_142.VOLS.tar
- Java 2 1.4.2 Plug-in
- Java 2 1.4.2 Software Development Kit
- Java 2 1.4.2 Runtime Environment
Software should be installed in the following order:
- Java 2 1.4.2 Runtime Environment
- Java 2 1.4.2 Software Development Kit
- Java 2 1.4.2 Plug-in
Run the Software Manager with the command:scoadmin softwareor double-click on the Software Manager icon in the desktop.
or
custom
- Remove any previously installed Java 2 1.4.2 components, one at a time, in the removal order indicated above.
- Select the single Java 2 1.4.2 component to be removed.
- Pull down the "Software" menu and select "Remove Software"
- Click the "Remove" button.
- Repeat step 1 for each remaining Java 2 1.4.2 component to be removed.
- Install each of the new Java 2 1.4.2 components, one at a time , in the installation order indicted above.
- Pull down the "Software" menu and select "Install New".
- When prompted for the host from which to install, choose the local machine and then "Continue".
- In the "Select Media" menu, pull down the "Media Device" menu. Select "Media Images", then choose "Continue".
- When prompted for the "Image Directory", enter the directory where you unwound the tar file of the package to be installed and choose "OK".
- When prompted to select the software to install, the single software package in the directory will by highlighted. Choose "Install".
- Repeat step 3 for each remaining software download file to be installed.
On OpenServer 6.0.0, having downloaded the single custom format file:
Make a subdirectory and unwind the tar file into that subdirectory.mkdir JAVA142Run the Software Manager with the command:
cd JAVA142; tar -xf ../OSR6_Java2_142.VOLS.tar
scoadmin softwareor double-click on the Software Manager icon in the desktop.
or
custom
- Pull down the "Software" menu and select "Install New".
- When prompted for the host from which to install, choose the local machine and then "Continue".
- In the "Select Media" menu, pull down the "Media Device" menu. Select "Media Images", then choose "Continue".
- When prompted for the "Image Directory", enter the directory where you unwound the tar file of the package to be installed and choose "OK".
- When prompted to select the software to install, the single software package in the directory will by highlighted. You can deselect any of the optional packages that you do not wish to install at this time. Click on "Install".
Document version 405-000-044-q
05 March 2008
Copyright © 2004-2008 The SCO Group, Inc. All rights reserved.