The Oracle Critical Patch Update (CPU) for October 2016 includes updates for several Oracle products including Java SE [1].
Airlock WAF and Login/IAM are not affected
Details: The seven Java vulnerabilities affect solely Java deployments that load and run untrusted code especially Java Web Start and sandboxing. The Java code on Airlock WAF and Login/IAM is trusted and therefore not affected.