A zero-day vulnerability affecting sandboxed Java Web Start applications and sandboxed Java applets was recently announced, the first one for Java in nearly two years. Concerns that the vulnerability is already being exploited, together with the ease of exploitation, gave this vulnerability the highest CVSS risk score. Oracle has issued a patch and urges customers to upgrade as soon as possible.
The community has started discussions around what to do about sun.misc.Unsafe. Despite being part of an unsupported, proprietary API, this class is widely used by a number of popular tools due to its ability to provide low-level access to memory management. Given that Oracle has indicated their desire to remove this class at some point, developers are looking for viable alternatives.
JRuby released version 9000, the ninth release of the popular implementation of Ruby for the Java Virtual Machine. InfoQ speaks to Charles Oliver Nutter co-lead of the JRuby project and senior engineer at Red Hat about the release and about Ruby in general.
As previously mentioned on InfoQ, Oracle had proposed JEP 248, about making G1 the default garbage collector, to be included in the list of JEPs targeting Java 9; recently, Oracle has confirmed such decision and made it official. The decision triggered a lengthy debate in the HotSpot’s email discussion list, which concluded with a provision to defer the change if G1 proves not to be fully ready.
The OpenJDK Adoption Group is requesting community feedback on the newly announced comprehensive list of feature additions, changes and removals projected for Java 9. InfoQ talks to the Java Champions group about what to expect from Java 9 and how to get involved.
Richard and Raoul, who provide in person training courses on Java 8, offered a joint presentation at Devoxx UK 2015 where they discussed the origins and motivations for Generics in Java, some of the less known current features, and a glimpse of what might be coming up in Java 10. The presentation was split into three distinctive sections: past, present and future of Generics.
Today, the Eclipse Foundation announced the release of Eclipse Mars, the tenth annual combined release of Eclipse software. The Eclipse IDE incorporates additional Docker tooling, better Maven and Gradle support, enhanced Java 8 features and early access support for Java 9 via an additional install. Read on to find out more about the release.
On June 12, 2015, the Jetty Project released version 9.3 of their flagship open source embedded application server, that day being the 20th anniversary of the project's beginning. Features of the release include HTTP/2 server (and client) support, Java 8 as a minimum, more Java NIO integration and an overhauled scheduler. They also removed SPDY networking support and fixed over 400 bugs.
Microsoft is now classifying as malware and blocking the installation of older versions of the Ask Toolbar, currently bundled within the Java installer; however, the latest version of the toolbar will still work with no problems. The decision aligns with Microsoft recent’s policy to classify as malware any search protection code: code that prevents the user from changing the default search engine.
JVM monitoring vendor Plumbr has added slow query detection to its flagship product. With this addition, Plumbr now detects four types of problems: Memory Leaks, Garbage Collection Inefficiencies, Locked Threads and Expensive JDBC Operations.
Last week, RedHat hosted a "Microservices Architecture Developer Day" in London, and presented a set of technologies and patterns that can be used to create microservice-based applications using open-source solutions like Kubernetes, Docker, Fabric8 and Maven. Read on for more details about the day, including links to the presentations and demo videos.
Oracle is considering including JEP 248, making G1 the default garbage collector on server configurations, into the list of JEPs targeting Java 9. The decision has triggered some debate among the Java community, with many arguing that the CMS collector could have been more suitable.
Facebook has open sourced Infer, a static analysis tool for C, Java and Objective-C.
Typesafe's Play team has released version 2.4 "Damiya" of their web framework. By embracing dependency injection, the refactoring towards better modularization that was started in 2.3 has continued in this release. Play 2.4 requires Java 8 and uses Lambdas and Default Methods in Play's Java-API.
CONTENT IN THIS BOX PROVIDED BY OUR SPONSOR
The application intelligence company
- Automated application behavior learning
- Self-configuring platform
- Flexible deployment
- Low production overhead (production ready 24x7)
Start your Free Trial of fully featured AppDynamics Pro. Keep AppDynamics Lite free forever after the trial.
Featured Blog Content
By Kalyan Ramanathan | June 23, 2015
By Eric Smith | March 24, 2015
By Steven Haines | April 2, 2015
White papers and Assets