You are here

Java Critical Patch Update February 2013

IDs: 
CVE-2013-0169
Keywords: 
Java CPU February 2013, Lucky Thirteen
Description: 

Java SE CPU February 2013

Oracle Java SE CPU (Critical Patch Update) contains various top-rated security fixes. Most of them are affecting client deployments of Java only. Airlock is not affected by them.

Lucky Thirteen, CVE-2013-0169

The only fix that affects server deployments regards CVE-2013-0169 (known as "Lucky Thirteen" attack). Airlock does not offer any SSL server implemented in Java. For this reason there is no indication to apply the newer Java version to Airlock.

Please read our statement about Lucky Thirteen in general.

Resolution: 

for Airlock: no action required

We strongly recommend to update all client installations of Java - or even better uninstalling Java from clients where it is not needed.

Component: 
Airlock
Airlock Vulnerability Status: 
No action required
Back-end Vulnerability Status: 
Does not affect back-end behind Airlock