Results 1 to 10 of 10

Thread: Oracle Delays Java 8 To Next Year Over Security

  1. #1
    Join Date
    Jan 2007
    Posts
    14,759

    Default Oracle Delays Java 8 To Next Year Over Security

    Phoronix: Oracle Delays Java 8 To Next Year Over Security

    Oracle has decided to delay the release of Java 8 into 2014 over their engineers tackling various security-related issues with the language as of late...

    http://www.phoronix.com/vr.php?view=MTM1NTM

  2. #2

    Default

    So are they extending support for Java 6 now that Java 8 is delayed? Java 6 was supposed to be EOL'd in Feb 2013 and Update 43 explicitly stated that it would be the last version in its release notes yet Update 45 was released this week.

  3. #3
    Join Date
    Jun 2009
    Posts
    550

    Default

    Quote Originally Posted by ltcommander.data View Post
    So are they extending support for Java 6 now that Java 8 is delayed? Java 6 was supposed to be EOL'd in Feb 2013 and Update 43 explicitly stated that it would be the last version in its release notes yet Update 45 was released this week.
    Why not upgrade to 1.7? is there anything in 1.6 that you need to use which is broken or not supported in 1.7?

  4. #4
    Join Date
    Sep 2008
    Location
    United States
    Posts
    57

    Default

    I don't quite understand the recent media bias against Java, but ignoring that issue I have two particular matters of contention with the way many Java related security stories have been reported in general. First is the poor distinction of parts of the JRE, ie, between the JVM, it's libraries and it's collection of web browser plugins(particularly those implementing the NPAPI). The JVM is a great piece of software. The web plugin, and by extension applets in general is not. This isn't a problem exclusive to Java, there isn't browser based plugin that isn't rife with security problems. This brings me to my second point, this isn't a coincidental, the architecture of browsers based plugins suck, and most of the problem featured in recent news articles are the failure of browsers.

    There is an active effort among browser developers to improve plugin architecture, however it is disappointing to see the court of public discourse misguidedly off topic for this very real problem.

  5. #5

    Default

    Quote Originally Posted by Sonadow View Post
    Why not upgrade to 1.7? is there anything in 1.6 that you need to use which is broken or not supported in 1.7?
    I suppose not. At the same time there's nothing I need that requires Java 7 so it's just a matter of lazily sticking with what I know works while it's still supported.

  6. #6
    Join Date
    Sep 2012
    Posts
    288

    Default

    Quote Originally Posted by ltcommander.data View Post
    I suppose not. At the same time there's nothing I need that requires Java 7 so it's just a matter of lazily sticking with what I know works while it's still supported.
    Oh well, let's stick with MS-DOS then, because it works.

    Meanwhile, Google is stuck with version 6 for Android. There's something to learn from Microsoft and .NET here.

  7. #7
    Join Date
    Dec 2011
    Posts
    2,045

    Default

    Quote Originally Posted by Milyardo View Post
    There is an active effort among browser developers to improve plugin architecture, however it is disappointing to see the court of public discourse misguidedly off topic for this very real problem.
    Not really. Google have Pepper API.
    Firefox, Internet Explorer and other's don't and don't plan to support it.
    They don't care and considered browser plugins deprecated.

  8. #8
    Join Date
    Feb 2013
    Posts
    233

    Default

    Oracle Delays Java 8 To Next Year Over Security
    The real reason is that the new functional collections library has run way over schedule and they can't ship Java 8 without that.

    The security issues sound like an excuse.

    I have downloaded java 8 builds, and the new functional collections work very well, but on the dev mailing list, I can see why they are making lots of changes.

    BTW, I'd argue that Java 1.1 had closures in that you can declare an inner function that "closes" over the outer variables that are declared final. Java 8 just adds nicer syntax for anonymous functions and the whole functional collections library. And of course a ton of other unrelated features.

  9. #9
    Join Date
    Apr 2010
    Posts
    733

    Default

    Quote Originally Posted by DanLamb View Post
    The security issues sound like an excuse.
    Yeah, no. They've just released *four* separate security fixes on top of 1.7 this weekend, jumping from 1.7.0_17 to _21 practically overnight. They're having to put a *lot* of effort into fixing security issues...

  10. #10
    Join Date
    Jan 2013
    Posts
    20

    Default

    Quote Originally Posted by Sonadow View Post
    Why not upgrade to 1.7? is there anything in 1.6 that you need to use which is broken or not supported in 1.7?
    Java 6 is still more mature , recently java 1.7 had a lot of security issues just take a look of Java 1.7 CVE's , maybe in environments when security is the most critical factor java 1.6 still fits better

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •