Announcement

Collapse
No announcement yet.

Oracle Delays Java 8 To Next Year Over Security

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Oracle Delays Java 8 To Next Year Over Security

    Phoronix: Oracle Delays Java 8 To Next Year Over Security

    Oracle has decided to delay the release of Java 8 into 2014 over their engineers tackling various security-related issues with the language as of late...

    http://www.phoronix.com/vr.php?view=MTM1NTM

  • #2
    So are they extending support for Java 6 now that Java 8 is delayed? Java 6 was supposed to be EOL'd in Feb 2013 and Update 43 explicitly stated that it would be the last version in its release notes yet Update 45 was released this week.

    Comment


    • #3
      Originally posted by ltcommander.data View Post
      So are they extending support for Java 6 now that Java 8 is delayed? Java 6 was supposed to be EOL'd in Feb 2013 and Update 43 explicitly stated that it would be the last version in its release notes yet Update 45 was released this week.
      Why not upgrade to 1.7? is there anything in 1.6 that you need to use which is broken or not supported in 1.7?

      Comment


      • #4
        I don't quite understand the recent media bias against Java, but ignoring that issue I have two particular matters of contention with the way many Java related security stories have been reported in general. First is the poor distinction of parts of the JRE, ie, between the JVM, it's libraries and it's collection of web browser plugins(particularly those implementing the NPAPI). The JVM is a great piece of software. The web plugin, and by extension applets in general is not. This isn't a problem exclusive to Java, there isn't browser based plugin that isn't rife with security problems. This brings me to my second point, this isn't a coincidental, the architecture of browsers based plugins suck, and most of the problem featured in recent news articles are the failure of browsers.

        There is an active effort among browser developers to improve plugin architecture, however it is disappointing to see the court of public discourse misguidedly off topic for this very real problem.

        Comment


        • #5
          Originally posted by Sonadow View Post
          Why not upgrade to 1.7? is there anything in 1.6 that you need to use which is broken or not supported in 1.7?
          I suppose not. At the same time there's nothing I need that requires Java 7 so it's just a matter of lazily sticking with what I know works while it's still supported.

          Comment


          • #6
            Originally posted by ltcommander.data View Post
            I suppose not. At the same time there's nothing I need that requires Java 7 so it's just a matter of lazily sticking with what I know works while it's still supported.
            Oh well, let's stick with MS-DOS then, because it works.

            Meanwhile, Google is stuck with version 6 for Android. There's something to learn from Microsoft and .NET here.

            Comment


            • #7
              Originally posted by Milyardo View Post
              There is an active effort among browser developers to improve plugin architecture, however it is disappointing to see the court of public discourse misguidedly off topic for this very real problem.
              Not really. Google have Pepper API.
              Firefox, Internet Explorer and other's don't and don't plan to support it.
              They don't care and considered browser plugins deprecated.

              Comment


              • #8
                Oracle Delays Java 8 To Next Year Over Security
                The real reason is that the new functional collections library has run way over schedule and they can't ship Java 8 without that.

                The security issues sound like an excuse.

                I have downloaded java 8 builds, and the new functional collections work very well, but on the dev mailing list, I can see why they are making lots of changes.

                BTW, I'd argue that Java 1.1 had closures in that you can declare an inner function that "closes" over the outer variables that are declared final. Java 8 just adds nicer syntax for anonymous functions and the whole functional collections library. And of course a ton of other unrelated features.

                Comment


                • #9
                  Originally posted by DanLamb View Post
                  The security issues sound like an excuse.
                  Yeah, no. They've just released *four* separate security fixes on top of 1.7 this weekend, jumping from 1.7.0_17 to _21 practically overnight. They're having to put a *lot* of effort into fixing security issues...

                  Comment


                  • #10
                    Originally posted by Sonadow View Post
                    Why not upgrade to 1.7? is there anything in 1.6 that you need to use which is broken or not supported in 1.7?
                    Java 6 is still more mature , recently java 1.7 had a lot of security issues just take a look of Java 1.7 CVE's , maybe in environments when security is the most critical factor java 1.6 still fits better

                    Comment

                    Working...
                    X