Update Release Notes

Java™ SE Development Kit 7, Update 10 (JDK 7u10)

The full version string for this update release is 1.7.0_10-b18 (where "b" means "build") and the version number is 7u10.

Highlights

This update release contains the following enhancements:

  • Additional Certified System Configurations
  • Security Feature Enhancements

Olson Data 2012i

JDK 7u10 contains Olson time zone data version 2012i. For more information, refer to Timezone Data Versions in the JRE Software.

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 7u10 are specified in the following table:

JRE Family Version JRE Security Baseline (Full Version String)
7 1.7.0_09
6 1.6.0_37
5.0 1.5.0_38
1.4.2 1.4.2_40

For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.

Additional Certified System Configurations

For JDK 7u10 release, the following additional system configurations have been certified:

  • Mac OS X 10.8
  • Windows Windows Server 2012 (64-bit)
  • Windows 8 Desktop Mode

For more information, refer to Oracle Certified System Configurations page.

Security Feature Enhancements

The JDK 7u10 release includes the following enhancements:

  • The ability to disable any Java application from running in the browser. This mode can be set in the Java Control Panel or (on Microsoft Windows platform only) using a command-line install argument.
  • The ability to select the desired level of security for unsigned applets, Java Web Start applications, and embedded JavaFX applications that run in a browser. Four levels of security are supported. This feature can be set in the Java Control Panel or (on Microsoft Windows platform only) using a command-line install argument.
  • New dialogs to warn you when the JRE is insecure (either expired or below the security baseline) and needs to be updated.

For more information, see Setting the Level of Security for the Java Client.

JRE Expiration Date

The JRE relies on periodic checks with an Oracle Server to determine if it (the JRE)is still considered up-to-date with all the available security fixes (above the security baseline). In the past, if the JRE was unable to contact the Oracle Server, it continued to behave as though it is still the most recent version with regard to security, for an indefinite period.

To avoid this problem, a secondary mechanism, that does not rely on external communication, has been added to the JDK 7u10. From this release onwards, all JREs will contain a hard-coded expiration date. The expiration date is calculated to end after the scheduled release of the next Critical Patch Update.

This means that JREs that are unable to contact Oracle Servers for an extended period of time, will now start offering additional protection after a reasonable period, and will not continue to behave as if they were still up-to-date with security fixes.

Bug Fixes

Notable Bug Fixes in JDK 7u10

The following are some of the notable bug fixes included in JDK 7u10.

Area: java command
Description: Wildcard expansion for single entry classpath does not work on Windows platforms.

The Java command and Setting the classpath documents describe how the wildcard character (*) can be used in a classpath element to expand into a list of the .jar files in the associated directory, separated by the classpath separator (;).

This wildcard expansion does not work in a Windows command shell for a single element classpath due to the Microsoft bug described in Wildcard Handling is Broken.

On Windows, wildcard expansion will be supported only for -cp, -classpath options and application arguments.

See 7146424.

For a list of other bug fixes included in this release, see JDK 7u10 Bug Fixes page.

Known Issues

Area: deploy
Synopsis: Jnlp shortcuts do not run after upgrading to 7u10 on Mac OS_X platform.

Jnlp shortcuts that are created prior to JRE 7u10 upgrade, and not run after upgrading to JRE 7u10, will not run if JRE has subsequently been disabled.

The workaround is to enable the JRE, run the jnlp shortcuts and then disable the JRE.

Area: deploy
Synopsis: System level disable switch does not work on Mac OS_X (10.8) platform.

On some systems running Mac OS X Mountain Lion (version 10.8), applying system level switch from the Java Control Panel to enable or disable Java does not work even though the correct credentials have been provided.

The workaround is to delete the file /Library/Application Support/Oracle/Java/Info.plist and then re-install the JRE.

Area: install
Synopsis: Regression - when JDK 7u2 is installed after JDK 7u10, applets do not work in Internet Explorer.

As a workaround, uninstall JDK 7u10 and re-install it.

Area: deploy/plugin
Synopsis: Enabled Plug-in option status is not updated in Java control panel on Windows platform.

Due to a bug in JDK 7u10 on Windows, after the user disabled Java and re-enabled it from Java Control Panel's Enable Java Content in Browser check box, the Java Plug-in registered for Internet Explorer will become the old Plug-in.

In order to re-enable the default (new) plug-in, please check the check box named Enable the next generation Java Plug-in, in Java Control Panel's Advanced tab.

See 8002342.