The full internal version number for this update release is 1.7.0_02-b13 (where "b" means "build"). The external version number is 7u2.
This update release contains functionality enhancements for Java applications:
Java SE 7u2 contains Olson time zone data version 2011l. For more information, refer to Timezone Data Versions in the JRE Software.
The security baselines for the Java SE platform at the time of the release of Java SE 7u2 are specified in the following table:
JRE Family Version | Java SE Security Baseline |
---|---|
7 | 1.7.0_02 |
6 | 1.6.0_29 |
5.0 | 1.5.0_32 |
1.4.2 | 1.4.2_34 |
For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.
For Java SE 7u2, the following system configurations have been certified:
Refer to the Oracle Certified System Configurations page for more information.
If users have a version of Java on their systems that is below the security baseline, a warning message is displayed before an application or an applet can be run.
In Java SE 7u2, demos and samples have been removed from the JDK installers and placed into separate bundles:
Like other 64-bit bundles on Solaris and Linux, the 64-bit demos and samples bundles on Solaris and Linux expect the 32-bit demos and samples bundles to also be installed.
The JDK includes the JavaFX SDK. See JavaFX 2.0.2 Release Notes for more information.
This release introduces the following improvements for web-deployed applications:
Cache-Control
values no-cache
/no-store
.deployment.insecure.jres
in the deployment.properties
file to one of the following values:
Value of deployment.insecure.jres property |
Value of Insecure JRE versions setting | Description |
---|---|---|
NEVER |
Do not use insecure JRE versions | Untrusted content will always run with the default JRE. |
PROMPT |
Prompt user before using insecure JRE versions | Users will see the new warning dialogs; this is the default value. |
ALWAYS |
Allow using insecure JRE versions (not recommended) | Untrusted content will run with the requested JRE without any prompting. |
See Deployment Configuration File and Properties for more information about the deployment.properties
file.
Java SE 7u2 does not add any fixes for security vulnerabilities beyond those in Java SE 7u1. Users who have Java SE 7u1 have the latest security fixes and do not need to upgrade to this release to be current on security fixes.
This list includes some of the nota
Synopsis: The Java 7 compiler used to erroneously accept the diamond operator in array initializer expressions. For example, the following code, which was previously accepted, is now rightly rejected:
class Foo<X> {}
class Test {
Foo<String>[] fooArr = new Foo<>[]{ }; //error
}
See 7057297.
Area: Compiler
Synopsis: The Java 7 compiler erroneously accepted the following program due to a bug in the most specific algorithm implementation:
import java.util.*;
interface A {List<Number> getList();}
interface B {ArrayList getList();}
interface AB extends A, B {}
class Test {
void test(AB ab) {
Number n = ab.getList().get(1);
}
}
This program used to fail in JDK 6. A fix has been provided in Java SE 7u2 to rightly reject this program. See 7062745.
Area: Java Cryptography Extension
Synopsis: Public key certificates containing Elliptic Curve Cryptography (ECC) keys are parsed correctly by the SunPKCS11 JCE security provider on Solaris 11. See 7054637.
Area: hotspot/runtime_logging
Synopsis:Handling large log files produced by long running Java Applications
Three new java command line flags are introduced in this release to handle large log files:
-XX:+UseGCLogFileRotation
: must be used with -Xloggc:<filename>
-XX:NumberOfGClogFiles=<number of files>
: must be >=1, default is one-XX:GCLogFileSize=<number>M (or K)
: default will be set to 512KSee 6941923.
For other bug fixes, see Java SE 7u2 Bug Fixes.
Area: Security
Synopsis: Existing JRE 6 users of signed applications or applets might get SecurityException
when upgrading to JRE 7. This issue does not occur on Windows XP with jar files signed by the Maven Jar Tool.
The workaround for client machines is to clear the application from the Java deployment cache using the Java Control Panel. The workaround on the server side, which application publishers could do, is to change the last modified timestamp of the application signed jars. This would force redownload and automatic rebuild of the cache entries on the client side, thus help application users to avoid encountering the error. See 7083682.
Area: Install
Synopsis: In the past, only a deploy stack was installed with the JRE. Now a deploy stack can be delivered either by JavaFX or by the JRE. As the JRE does not understand this, the net result sometimes is a non-functional JRE.
In some cases this can be corrected by uninstalling JavaFX and the JREs, and then re-installing the JRE and re-installing JavaFX. Sometimes this does not work and you have to manually delete a registry key before you are able to get Java working properly again. See 7088173.
Area: Security
Synopsis: Inconsistent security dialog message when a JAR has been blacklisted. Tracing has to be enabled in the console to actually see if a JAR has been blacklisted. See 7112206.