The full internal version number for this update release is 1.6.0_20-b02 (where "b" means "build"). The external version number is 6u20.
6u20 contains Olson time zone data version 2010b. For more information, refer to Timezone Data Versions in the JRE Software .
6u20 specifies the following security baselines for use with Java Plug-in technology:
JRE Family Version | Java SE Security Baseline | Java SE for Business Security Baseline |
---|---|---|
6 | 1.6.0_20 | 1.6.0_20 |
5.0 | 1.5.0_22 | 1.5.0_24 |
1.4.2 | 1.4.2_19 | 1.4.2_26 |
For more information about the security baseline, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer .
A Java Network Launch Protocol (JNLP) file without a codebase
parameter, such as the following, will no longer work with the Java SE 6 update 20 release.
<jnlp spec="0.2 1.0" href="draw.jnlp">
codebase
<jnlp spec="0.2 1.0"
codebase="#"
href="draw.jnlp">
This release contains fixes for security vulnerabilities. For more information, please see Oracle Security Alert for CVE-2010-0886.
BugId | Category | Subcategory | Description |
---|---|---|---|
6939778 | java | classes_security | Mixed code warning for class.getResource("directory/") in 1.6.0_19 |
6940136 | javawebstart | other | Webstart Shows Wrong Exception when the same jnlp has a signed and a none signed jar |
6942801 | java_deployment | security | Improve Mixed Code Logging |