(By bundling, I mean we extract a copy of the JRE in our installation directory--we don't install the JRE and configure it as the system default.) The problem is, it's a hassle having to keep that JRE up-to-date because first we have to retest everything to make sure the update didn't break anything (it has broken some of our third-party dependencies in the past).
How seriously, if at all, are we putting our customers at risk if we don't update our SDK/JDK and the runtime/JRE that we bundle with our product every time there's a security update?
The next scheduled build environment update is early April.
If you can find a PPA to supply a JDK 8 package, you can use The repository https://launchpad.net/~webupd8team/ archive/ubuntu/java now provides Oracle Java SE 8u40 packages.
It would be great when they could get installed on the Travis systems, my project depends on the new Java FX API introduced in this Java version.
before_install: - rm -rf ~/.linuxbrew - yes | ruby -e "$(curl -fs SL https://raw.githubusercontent.com/Homebrew/linuxbrew/go/install)" - export PATH="$HOME/.linuxbrew/bin:$PATH" - export MANPATH="$HOME/.linuxbrew/share/man:$MANPATH" - export INFOPATH="$HOME/.linuxbrew/share/info:$INFOPATH" - brew install jdk - brew install scala - brew install sbt script: - sbt test We've had to postpone the April update.
We're currently on 8u66, we'll probably update to 72 by late February.
I wasn't sure if the JCE files are in lock-step with the Java JDK releases or not.
i searched and not found how to upgrade oracle jdk in here.
It will be announced in and the mailing list (see
While we did that, 8u45 became available, so the update will contain that.
;) That depends on the nature of the security holes and that of your application.
The most popular and major ones that have been fixed are related to applets.