Mac Java security vulnerability upgrade - issue.

Similar Messages

• We use an add-on in one of our online solutions and we've identified a security vulnerability. The issue has been addressed in our latest add-ons and we would like to know how we may blocklist our previous player through a firefox update?

  We use an add-on in one of our online solutions and we've identified a security vulnerability. The issue has been addressed in our latest add-ons and we would like to know how we may blocklist our previous player through a firefox update?

  You can file a bug report to do that request.
  http://developer.mozilla.org/en/docs/Bug_writing_guidelines

• EHP Upgrade Issue - Java Stack

  Hi,
  Our Source System at NW 7.0 SP13 and we are upgrading the system to EHP1 SP03.
  Upgrade failed at Downtime > DEPLOY_ONLINE_DEPL phase.
  Error log:
  Sep 9, 2009 10:11:51 PM [Error]:                       com.sap.sdt.ucp.phases.AbstractPhaseType.doExecute(AbstractPhaseType.java:863) [Thread[main,5,main]]: Exception has occurred during the execution of the phase.
  Sep 9, 2009 10:11:51 PM [Error]:             com.sap.sdt.jspm.unattended.RequestController.addContextInfo(RequestController.java:178) [Thread[main,5,main]]: Deployment of queue sapjup-queue completed with error
  JSPM version is 7.01.3.0.15. Current JSPM log directory is /usr/sap/XPD/JC00/j2ee/JSPM/log/log_2009_09_09_16_09_42.
  Sep 9, 2009 10:11:51 PM [Error]: com.sap.sdt.sapjup.tools.sapjupjspm.SAPJupJSPMRapiAdapter.createAndLogRapiException(SAPJupJSPMRapiAdapter.java:698) [Thread[main,5,main]]: The deployment of the queue failed.
  Sep 9, 2009 10:11:51 PM [Error]: com.sap.sdt.sapjup.tools.sapjupjspm.deploy.SAPJupJSPMDeployer.deployList(SAPJupJSPMDeployer.java:68) [Thread[main,5,main]]: Could not execute deployment of stack file /usr/sap/trans/EPS/in/XPD.xml.
  Sep 9, 2009 10:11:51 PM [Error]:      com.sap.sdt.j2ee.phases.PhaseTypeDeploymentManager.execute(PhaseTypeDeploymentManager.java:519) [Thread[main,5,main]]: Error while executing DeploymentManager phase with action deploySlot. Check the log files for the specified action.
  Sep 9, 2009 10:11:51 PM [Info]:                         com.sap.sdt.ucp.phases.AbstractPhaseType.cleanup(AbstractPhaseType.java:906) [Thread[main,5,main]]: Phase UPGRADE/DEPLOYMENT_BASED_UPGRADE/DEPLOY_ONLINE_DEPL has been completed.
  Sep 9, 2009 10:11:51 PM [Info]:                         com.sap.sdt.ucp.phases.AbstractPhaseType.cleanup(AbstractPhaseType.java:907) [Thread[main,5,main]]: Start time: 2009/09/09 22:09:42.
  Sep 9, 2009 10:11:51 PM [Info]:                         com.sap.sdt.ucp.phases.AbstractPhaseType.cleanup(AbstractPhaseType.java:909) [Thread[main,5,main]]: End time: 2009/09/09 22:11:51.
  Sep 9, 2009 10:11:51 PM [Info]:                         com.sap.sdt.ucp.phases.AbstractPhaseType.cleanup(AbstractPhaseType.java:910) [Thread[main,5,main]]: Duration: 0:02:08.248.
  Sep 9, 2009 10:11:51 PM [Info]:                         com.sap.sdt.ucp.phases.AbstractPhaseType.cleanup(AbstractPhaseType.java:911) [Thread[main,5,main]]: Phase status is error.
  I went through the following link , proceeded with option 2, But still getting same error.  
  Portal Upgrade Issue
  Please advise the resolution for the issue I have.
  Thanks in advance
  Regards
  Srinivas
  Edited by: Srinivas Dasari on Sep 10, 2009 5:48 AM
  Edited by: Srinivas Dasari on Sep 10, 2009 5:48 AM

  Issue resolved

• HT1338 There is a lot of talk about the Java security issues and the ability to download a patch fix, do i need to do this or will software update pick this up for me?

  There is a lot of talk about the Java security issues and the ability to download an apple patch fix, do i need to do this or will software update pick this up for me?

  Thanks for that, how do I establish if I have Java installed as on Safari preferences it indicates the following
  Web content - Enable Java
                      - Enable JavaScript

• MII Workbench and java security Issue for jdk7

  Hello all,
  I am using MII version 12.2.2 Build(234) and java version jdk7.
  Now,I am not able to open or create a transaction in workbench.
  In java console, an error is shown below:
  AWT-EventQueue-0 [ERROR] - java.lang.ExceptionInInitializerError
       at com.sap.lhcommon.expressioneval.ExpressionLoader.<clinit>(ExpressionLoader.java:282)
       at com.sap.xmii.bls.expressioneval.TransactionFunctions.<clinit>(TransactionFunctions.java:27)
       at com.sap.xmii.xacute.editors.common.FunctionsComboBox.createBox(FunctionsComboBox.java:45)
       at com.sap.xmii.xacute.editors.common.FunctionsComboBox.<init>(FunctionsComboBox.java:39)
       at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorPanel.createExpressionEditorPanel(LinkEditorPanel.java:1033)
       at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorPanel.initialize(LinkEditorPanel.java:316)
       at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorPanel.<init>(LinkEditorPanel.java:198)
       at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorBottomPanel.<clinit>(LinkEditorBottomPanel.java:28)
       at com.sap.xmii.Illuminator.gui.workbench.core.TransactionInfo.initDisplay(TransactionInfo.java:353)
       at com.sap.xmii.Illuminator.gui.workbench.core.TransactionInfo.createNewFile(TransactionInfo.java:149)
       at com.sap.xmii.Illuminator.gui.workbench.components.actions.actions.NewAction.createFileInfoObject(NewAction.java:194)
       at com.sap.xmii.Illuminator.gui.workbench.components.actions.actions.NewAction$1.construct(NewAction.java:115)
       at com.sap.lhcommon.gui.ThreadCreator$2.run(ThreadCreator.java:96)
       at java.lang.Thread.run(Unknown Source)
  Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.sun.security.action")
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPackageAccess(Unknown Source)
       at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       at com.sun.jnlp.JNLPPreverifyClassLoader.loadClass0(Unknown Source)
       at com.sun.jnlp.JNLPPreverifyClassLoader.loadClass(Unknown Source)
       at com.sun.jnlp.JNLPPreverifyClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       at com.sap.lhcommon.expressioneval.functions.DecodeFunction.<clinit>(DecodeFunction.java:83)
       ... 14 more
  I also modified the 'java.policy' file. But it did not work. I am still getting the same error.
  Kindly advise..
  Thanks,
  Ritwika.

  I do not yet know the security implications of doing what I did to fix this issue, but here is my solution.
  I added the following to the jre7 java.policy file in the section "grant {":
  permission java.lang.RuntimePermission "accessClassInPackage.sun.security.action";

• What to do about the recent Java security issue?

  I am reading about the Java security issue. Do I need to do something with Safari?

  Open Safari preferences, click on the Security icon in the toolbar. Uncheck the Enable Java option.

• Upgrade to GnuTLS 3.2.12 to Avoid Security Vulnerability

  Per ArsTechnica, RedHat discovered a security vulnerability in GnuTLS and published an alert on March 3. Thanks to andyrtr, the safe version (3.2.12-1) was pushed into extra on March 3 (i.e., same day).
  You might consider updating GnuTLS.
  Further details
  http://arstechnica.com/security/2014/03 … sdropping/
  Last edited by snakeroot (2014-03-04 23:53:21)

  nourathar wrote:
  nomorewindows wrote:pacman -Qi gnutls would give this for installed applications that use it.
  Hi nomorewindows,
  $ pacman -Qi gnutls
  Name : gnutls
  Version : 3.2.12-1
  Description : A library which provides a secure layer over a reliable transport layer
  Architecture : x86_64
  URL : http://www.gnutls.org/
  Licenses : GPL3 LGPL2.1
  Groups : None
  Provides : None
  Depends On : gcc-libs libtasn1 readline zlib nettle p11-kit
  Optional Deps : None
  Required By : ffmpeg filezilla glib-networking gnome-vfs gst-plugins-bad libimobiledevice smbclient
  Optional For : None
  Conflicts With : None
  Replaces : None
  Installed Size : 4703.00 KiB
  Packager : Andreas Radke <[email protected]>
  Build Date : Mon 03 Mar 2014 04:09:47 PM CET
  Install Date : Tue 04 Mar 2014 11:24:30 PM CET
  Install Reason : Installed as a dependency for another package
  Install Script : Yes
  Validated By : Signature
  the output is very different though and in my case  it lists only 7 packages.
  It makes me really wonder what 'whoneeds' actually does ?
  I suppose 'whoneeds' lists all the packages I have installed that require one of these 7 and so recursively on ?
  ciao,
  J.
  Notice it said 49 of his 495 packages.  And also notice that the same ones listed in your output are also in his output above.

• SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11. java.security.cert.Certifica

  HI Team,
  while starting the node manager in wls 8.1 and java1.4
  we are facing this issue plz help on this immediately.
  + CLASSPATH=/srvrs/bdv/patches/CR210310_81sp4.jar:/usr/java14/lib/tools.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic_sp.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic.jar::/srvrs/bdv/bea
  + export CLASSPATH
  + export PATH
  + set -x
  + [ 5555 !=  ]
  + [ 142.182.112.123 !=  ]
  + /usr/java14/bin/java -Xms32m -Xmx32m -Dweblogic.security.SSL.enforceConstraints=off -Djava.security.policy=/srvrs/bdv/bea/weblogic81/server/lib/weblogic.policy -Dweblogic.nodemanager.javaHome=/usr/java14 -DListenAddress=142.182.112.123 -DListenPort=5555 weblogic.NodeManager
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <NodeManager: for information on command line options,  try "java weblogic.NodeManager -h">
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Starting NodeManager >
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenAddress to 142.182.112.123..>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenPort to 5,555..>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting java home to '/usr/java14'>
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Effective values of properties :
          ListenAddress=142.182.112.123
          ListenPort=5555
          ListenerType=secureSocket
          SavedLogsDirectory=NodeManagerLogs
          NativeVersionEnabled=true
          TrustedHosts=nodemanager.hosts
          StartTemplate=../../server/lib/unix/nodemanager.sh
          ReverseDnsEnabled=false
          ScavangerDelaySeconds=180
          PIDFileReadRetryCount=0
          WeblogicHome=null
          bea.home=null
          JavaHome=/usr/java14
          PropertiesVersion=8.1
  >
  <Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Saving logs in'NodeManagerLogs'>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading private key and certificate chain from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoIdentity.jks. KeyStore type = jks, Using keystore passphrase = true, Alias = DemoIdentity>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoTrust.jks. KeyStore type = jks, Using keystore passphrase = true>
  <Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /usr/java14/jre/lib/security/cacerts. KeyStore type = jks, Using keystore passphrase = false>
  SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.
  java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11
          at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
          at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
          at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
          at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
          at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:52)
          at weblogic.nodemanager.internal.SecureSocketListener.run(SecureSocketListener.java:57)
          at weblogic.nodemanager.internal.GenericListener.startListener(GenericListener.java:16)
          at weblogic.nodemanager.NodeManager.startSecureSocketListener(NodeManager.java:461)
          at weblogic.nodemanager.NodeManager.init(NodeManager.java:305)
          at weblogic.nodemanager.NodeManager.run(NodeManager.java:511)
          at weblogic.NodeManager.main(NodeManager.java:31)
  Thanks,
  Eswar

  Hi,
  Did you find a solution to this? We are running into the same issue since upgrading to Weblogic 9.2.3 for WebCT Vista 8.0.4.
  Thanks,
  Ron

• JComboBox makes for nice security vulnerability under X11?

  I noticed a couple years ago that when I set a breakpoint inside a JComboBox state change event handler on a Java application or applet running under X11, the entire desktop would hang. Back then, I checked the Swing bug database and found an issue regarding this, but it was closed with an evaluation that pretty much simply said that the developer didn't know how to fix it.
  When I brought this up in the netbeans mailing list, someone suggested that this could be a security issue if someone intentionally/programmatically stopped all processing from within this event handler (perhaps from an applet). Perhaps, as a security vulnerability this bug would get more attention!
  Well, it's been over a year and the latest JDK 1.6b10 (build 25) still has this problem. So, obviously it's not bothering anyone, except me, enough to do anything about it. I could try to file this bug under Swing again (probably with same outcome) or try filing it as a security bug. What are people's thoughts?

  Hi
  Try going here:
  http://europe.nokia.com/A4423034
  Or alternatively : find the product pages for the 5700 by going to www.nokia.com/phones, then pick out 5700, then dip into "PC software" and "Music"
  Cheers

• Java PDK Bugs and Issues

  Here are some bugs and issues I've run across using the JPDK that I thought other
  developers should be aware of. The following information comes from using JPDK
  1.1 with Oracle Portal Version 3.0.6.3.3 Early Adopter on Windows 2000.
  1) Do not use a colon character (':') in the String value returned by the method getTitle( Locale l ) in the class Portlet. Registering the provider will appear to succeed, but when you view the Portlet Repository you will get the following error message:
  An Unhandled Exception has occurred. ORA-06502: PL/SQL: numeric or value error:
  character to number conversion error
  Your provider and its portlets will not appear in the Portlet Repository when this error occurs.
  Perhaps other characters will cause this error as well.
  2) The Provider class method initSession() is supposed to propagate the array of returned Cookies back to the browser. The Cookies are never propagated to the browser. This is a huge road-block for our application and we need to have this problem fixed as there is no workaround.
  3) There is a limit to the number of portlets you can have per provider. I initially wrote a provider class that managed 19 portlet classes. However, after registering the provider only 17 portlet classes were loaded by the provider and/or displayed by the Portlet Repository. I had to create a second provider to manage additional portlets. The second provider worked out fine for me because I have 5 portlets that are for "administrator" users only. Moving these portlets left 14 portlets for the first provider to manage.
  Note: I don't know if this error occurs using the provider.xml method of implementing a provider and its portlets. My provider and portlets are implemented directly using the Java class API's.
  4) Sometimes I will receive the error "Meta data missing for portlet ID=<number>" when a portlet is rendered for the first time. This error does not occur often but when the error happens two conditions are met:
  a) The portlet is being rendered for the first time
  b) The HTTP and Web Assistant NT services have recently been started.
  This error is obviously caused by some timeout but increasing the timeout values
  for both the provider and the portlet has no effect. This error may be restricted to the NT platform.
  The following notes are not bugs but issues to be aware of:
  1) Make sure you have the "sessiontimeout" parameter defined when declaring the initArgs of a servlet in the zone.properties file and you intend to register your provider with a "Login Frequency" of "Once per User Session". For example:
  servlet.urlservlet.initArgs=debuglevel=1,sessiontimeout=1800000
  If you leave off the session timeout, Oracle Portal will call your provider's initSession() method for every request constantly generating new a session ID.
  2) Currently there is no means to check whether a ProviderUser has administrative
  privileges. This feature would be extremely helpful for restricting which portlets a user has access to when the provider's getPortlets() method is called.
  3) Currently there is no Java API for storing user and global preferences in the
  Oracle database. The JPDK provides a PersonalizationManager class but the method
  of storing the preferences needs to be implemented by the developer.
  The default Personalization Manager persists user preferences as a file
  to disk. However, this method opens up security holes and hinders scaleability.
  We got around the security and scalability issues by using Oracle's JDBC
  driver to persist user and global preferences to custom tables in the underlying Oracle database.
  I would appreciate hearing from anyone who has run across the cookie propagation issue and has any further insights.
  Thanks...
  Dave White
  null

  David,
  Thank you for your feedback on the JPDK. The information you provide helps us understand how customers are using 9iAS
  Portal and its development kits. I apologize for the delay in getting back with you. Since you are using the Early Adopters
  release, we wanted to test a few of the bugs and issues on the production release of 9iAS Portal.
  1) Using a colon character (:) in the String value returned by the method getTitle(Locale l) returned the ORA-06502 error is a
  known issue. This issue actually occurs within 9iAS Portal and should be resolved in the first maintenance release scheduled
  for 9iAS Portal.
  Waiting on reply from Nilay on #1
  2) The Provider class method initSession() not propagating the array of returned cookies back to the browser is an issue that we are currently working on. This bug has been fixed for most cases in the first maintenance release. A 100% fix of this issue is still being worked on.
  3) The limit to the number of portlets you can have per provider was an issue in the Early Adopter release, but is no longer an issue with 9iAS Portal production. Upgrade to the production release and you should no longer see this problem.
  4) The error "Meta data missing for portlet ID=<number>". I have not seen or heard about others receiving this same message. For this error, can you upgrade to the production version and let me know if you still receive this error message. At that time we can check for differences within the configuration.
  Not bug, but issues......
  1) You have made a good point with the sessiontimeout parameter. The JPDK uses servlet 2.0 APIs which does not provide access to the sessiontimeout. Currently, you will need to specify the sessiontimeout parameter in the zone.properties file.
  2) This is true. Currently there is no means to check whether a ProviderUser has administrative privileges. This is on our features list for future enhancements.
  3) This is also true. The DefaultPortletPersonalizationManager was created as a default runtime for developers not used to writing portlet code. It allows developers to write portlet code without concentrating on the underlying framework. Once a developer becomes more experienced with the JPDK and portlet environment, we encourage them to create their own
  customization manager. This includes changing how the portlet repository is stored or changing how the user customization is
  handled and where it is stored. You have no limitations as long as you follow the guidelines of the PortletPersonalizationManager interface.
  I hope this information helped. Again, we appreciate and welcome this type of feedback, it helps us not only locate bugs and issues, but also helps prioritize our enhancement list.
  Sue

• Re: java.security.AccessControlException: access denied (java.util.PropertyPermission weblogic.kernel.allowQueueThrottling read)

  This looks like it might be a bug in 6.1SP5,
            weblogic/kernel/Kernel.java at line 85.
            It's trying to do the right thing to ignore an exception if in
            an applet but it's ignoring the wrong exception
            (SecurityException, when it looks like the stack
            trace is throwing a java.security.AccessControlException).
            If you need a fix, this would need to go through support
            and be filed as a problem with WLS Core.
            "Ram Gopal" <[email protected]> wrote in message
            news:[email protected]...
            >
            > We are in the process of migrating from Weblogic 6.1 SP2 to SP5. We have
            an applet
            > that subscribes to a JMS Topic.
            > The applet is throwing the following exception with SP5:
            >
            > java.lang.ExceptionInInitializerError:
            java.security.AccessControlException: access
            > denied (java.util.PropertyPermission weblogic.kernel.allowQueueThrottling
            read)
            >
            > at java.security.AccessControlContext.checkPermission(Unknown Source)
            >
            > at java.security.AccessController.checkPermission(Unknown Source)
            >
            > at java.lang.SecurityManager.checkPermission(Unknown Source)
            >
            > at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
            >
            > at java.lang.System.getProperty(Unknown Source)
            >
            > at weblogic.kernel.Kernel.initAllowThrottleProp(Kernel.java:79)
            >
            > at weblogic.kernel.Kernel.<clinit>(Kernel.java:54)
            >
            > at
            weblogic.jndi.WLInitialContextFactoryDelegate.<init>(WLInitialContextFactory
            Delegate.java:166)
            >
            > at java.lang.Class.newInstance0(Native Method)
            >
            > at java.lang.Class.newInstance(Unknown Source)
            >
            > at
            weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFact
            ory.java:147)
            >
            > at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
            >
            > at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
            >
            > at javax.naming.InitialContext.init(Unknown Source)
            >
            > at javax.naming.InitialContext.<init>(Unknown Source)
            >
            > at
            com.fedex.efm.frontend.model.JMSMessageProcessor.<init>(JMSMessageProcessor.
            java:266)
            >
            > at
            com.fedex.efm.frontend.view.EFMAbstractApplet.startMessageProcessor(EFMAbstr
            actApplet.java:81)
            >
            > at
            com.fedex.efm.frontend.view.EFMAbstractApplet.start(EFMAbstractApplet.java:1
            87)
            >
            > at com.fedex.efm.frontend.view.EFMApplet.start(EFMApplet.java:430)
            >
            > at sun.applet.AppletPanel.run(Unknown Source)
            >
            > at java.lang.Thread.run(Unknown Source)
            >
            >
            > Any ideas as to what I am missing?
            >
            > Thanks,
            > Ram
            

  I suggest going through customer support, I don't know what
            the resolution was. You might also try the security newsgroup,
            as no JMS code has been called by the application yet at
            the point the exception is thrown.
            Tom
            lee wrote:
            > All:
            > We are upgrading weblogic 6.0 to weblogic 6.1 and encounted exactly the same error. Just wondering if you guys were able to fix the issue with bea.
            >
            > Your response is highly appreciated.
            >
            > Thanks!
            >
            > Li
            

• Java.security.InvalidKeyException: Illegal key size

  Hi,
  I have developed an adf application using jdeveloper 11g which hosts weblogic 10.3.3.0.
  My adf application has to connect to an external application for credit card validation.
  To achieve this i am using a HTTPURLConnection and passing the external address and attributes that has to be written to it.
  The external application which i am trying to connect is secured starts with https://..
  I get an error as soon i am trying to open the "connection.getOutputStream()".
  Following is the error i am getting
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "OU=Security Communication RootCA2,O=SECOM Trust Systems CO.\,LTD.,C=JP". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  java.security.InvalidKeyException: Illegal key size
       at javax.crypto.Cipher.a(DashoA13*..)
       at javax.crypto.Cipher.init(DashoA13*..)
       at javax.crypto.Cipher.init(DashoA13*..)
       at com.certicom.tls.provider.Cipher.init(Unknown Source)
       at com.certicom.tls.ciphersuite.SecurityParameters.createWriteCipher(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.changeCipherSpec(Unknown Source)
       at com.certicom.tls.record.handshake.ClientStateReceivedCertificate.handle(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
       at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
       at com.certicom.tls.record.WriteHandler.write(Unknown Source)
       at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
       at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
       at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)The code i am using to connect to the external website is as follows.
      URL url;  
      HttpURLConnection connection = null; 
      try {    
        //Create connection  
        url = new URL(targetURL); 
        connection = (HttpURLConnection)url.openConnection();   
        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
       connection.setRequestProperty("Content-Length", "" + Integer.toString(urlParameters.getBytes().length));
        connection.setRequestProperty("Content-Language", "en-US");  
        connection.setUseCaches (false); 
         connection.setDoOutput(true); 
         DataOutputStream wr = new DataOutputStream (      
             connection.getOutputStream ());
              wr.writeBytes (urlParameters);  
              wr.flush ();  
        wr.close ();   
              //Get Response   
        InputStream is = connection.getInputStream();  
        System.out.println("after getting input stream");
      BufferedReader rd = new BufferedReader(new InputStreamReader(is));  
        System.out.println("after BUffered reader");
      String line;  
      StringBuffer response = new StringBuffer();  
        System.out.println("after String buffer");
      while((line = rd.readLine()) != null) {     
        response.append(line);   
        response.append('\r');  
        }      rd.close();  
      return response.toString();
      } catch (Exception e) { 
        e.printStackTrace();   
        return null; 
        } finally { 
        if(connection != null) {      
          connection.disconnect();  
      }I am currently totally clueless , i dont understand what steps should i take. Is this error due to some keystore stuff??
  I even tried to replace the policy files in jre as per some blogs but it still does not work.
  I have very limited knowledge of the security issues with weblogic , i will really appreciate if i can get any links or any help in this matter.
  Thanks in advance
  ash

  The messages prior to the exception are very significant:
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "OU=Security Communication RootCA2,O=SECOM Trust Systems CO.\,LTD.,C=JP". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  <Oct 8, 2010 10:32:54 AM CDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
  java.security.InvalidKeyException: Illegal key size
  So there are at least 4 certificates in your server's truststore that are causing issues.
  Is your weblogic server using CustomIdentityAndStandardTrust? If so, the the keystore is the $JAVA_HOME/jre/lib/security/cacerts
  You should familiarize yourself with keytool ( in $JAVA_HOME/bin ) and consider removing entries from your trust store unless you absolutely need them and are willing to trust any cert signed by them. There's been a thread about some newer Certificate Authorities ( CAs ) that were included as part of a recent java upgrade which have caused similar "unknown OID" issues.
  For your specific endpoint, you can use your browser to invoke the services' wsdl; this will cause your browser to fetch the certificate from that server
  You can then see what CA is used to sign it. Then see whether that CA is in your truststore.
  There is also a thread with a very simple class to test the SSL handshake:
  Re: Use Server Cert in Managed server not working

• I received a phishing email from what I thought was my bank.  Do I need to do anything to my MAC for security?

  I received a phishing email from what I thought was my bank.  Do I need to do anything to my MAC for security? I have no anti-virus software.

  Evelyn, there is nothing that can prevent you or anyone from falling victim to those attempts to defraud you – other than you.
  "Phishing" scams are the most common way of getting people to voluntarily supply information that should be kept as secure as any other personal possession. "Anti-virus" solutions can't possibly prevent that sort of fraud, and if anything can only lull you into falsely believing you're being protected from threats, be they real or perceived.
  Do you have any further advice so that I don't fear my Mac?
  There is no reason to fear your Mac; it's a tool to be used for your sole benefit. Like any tool though, it can be misused. If there is any explanation for fear, it's a lack of education. Knowledge conquers fear and renders it inert. Learn what real threats actually exist, how to defend yourself from them, and how to distinguish them from those propagated by fear mongering psychopaths that justify their existence by keeping others misinformed. There are an abundance of the latter.
  There will always be threats to your information security associated with using any Internet - connected communications tool:
  You can mitigate those threats by following commonsense practices
  Delegating that responsibility to software is an ineffective defense
  Assuming that any product will protect you from those threats is a hazardous attitude that is likely to result in neglecting point #1 above.
  OS X already includes everything it needs to protect itself from viruses and malware. Keep it that way with software updates from Apple.
  A much better question is "how should I protect my Mac":
  Never install any product that claims to "clean up", "speed up",  "optimize", "boost" or "accelerate" your Mac; to "wash" it, "tune" it, or to make it "shiny". Those claims are absurd.Such products are very aggressively marketed. They are all scams.
  Never install pirated or "cracked" software, software obtained from dubious websites, or other questionable sources.
  Illegally obtained software is almost certain to contain malware.
  "Questionable sources" include but are not limited to spontaneously appearing web pages or popups, download hosting sites such as C net dot com, Softonic dot com, Soft pedia dot com, Download dot com, Mac Update dot com, or any other site whose revenue is primarily derived from junk product advertisements
  If you need to install software that isn't available from the Mac App Store, obtain it only from legitimate sources authorized by the software's developer.
  Don’t supply your password in response to a popup window requesting it, unless you know what it is and the reason your credentials are required.
  Don’t open email attachments from email addresses that you do not recognize, or click links contained in an email:
  Most of these are scams that direct you to fraudulent sites that attempt to convince you to disclose personal information.
  Such "phishing" attempts are the 21st century equivalent of a social exploit that has existed since the dawn of civilization. Don’t fall for it.
  Apple will never ask you to reveal personal information in an email. If you receive an unexpected email from Apple saying your account will be closed unless you take immediate action, just ignore it. If your iCloud, iTunes, or App Store account becomes disabled for valid reasons, you will know when you try to buy something or log in to this support site, and are unable to.
  Don’t install browser extensions unless you understand their purpose. Go to the Safari menu > Preferences > Extensions. If you see any extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
  Don’t install Java unless you are certain that you need it:
  Java, a non-Apple product, is a potential vector for malware. If you are required to use Java, be mindful of that possibility.
  Java can be disabled in System Preferences.
  Despite its name JavaScript is unrelated to Java. No malware can infect your Mac through JavaScript. It’s OK to leave it enabled.
  Beware spontaneous popups: Safari menu > Preferences > Security > check "Block popup windows".
  Popup windows are useful and required for some websites, but unsolicited popups are commonly used to deceive people into installing unwanted software they would never intentionally install.
  Popups themselves cannot infect your Mac, but many contain resource-hungry code that will slow down Internet browsing.
  If you ever receive a popup window indicating that your Mac is infected with some ick or that you won some prize, it is 100% fraudulent. Ignore it. The more insistent it is that you upgrade or install something, the more likely it is to be a scam. Close the window or tab and forget it.
  Ignore hyperventilating popular media outlets that thrive by promoting fear and discord with entertainment products arrogantly presented as "news". Learn what real threats actually exist and how to arm yourself against them:
  The most serious threat to your data security is phishing. Most of these attempts are pathetic and are easily recognized, but that hasn't stopped prominent public figures from recently succumbing to this age-old scam.
  OS X viruses do not exist, but intentionally malicious or poorly written code, created by either nefarious or inept individuals, is nothing new.
  Never install something without first knowing what it is, what it does, how it works, and how to get rid of it when you don’t want it any more.
  If you elect to use "anti-virus" software, familiarize yourself with its limitations and potential to cause adverse effects, and apply the principle immediately preceding this one.
  Most such utilities will only slow down and destabilize your Mac while they look for viruses that do not exist, conveying no benefit whatsoever - other than to make you "feel good" about security, when you should actually be exercising sound judgment, derived from accurate knowledge, based on verifiable facts.
  Do install updates from Apple as they become available. No one knows more about Macs and how to protect them than the company that builds them.
  Summary: Use common sense and caution when you use your Mac, just like you would in any social context. There is no product, utility, or magic talisman that can protect you from all the evils of mankind.

• OAM ps1 upgrade issue

  Has anyone faced this issue??I am doing upgrade from OAM 11g r2 to OAM 11g r2 PS1
  copyMbeanXmlFiles('/app01/oracle/Middleware/user_projects/domains/IAM','/app01/oracle/Middleware/IAM_IDM') wls:/DIAM/serverConfig>
  java.io.FileNotFoundException: /app01/oracle/Middleware/user_projects/domains/IAM/output/upgrade/ovd-default-mbeans.xml (No such file or directory)
          at java.io.FileOutputStream.open(Native Method)
          at java.io.FileOutputStream.<init>(FileOutputStream.java:194)
          at java.io.FileOutputStream.<init>(FileOutputStream.java:145)
          at oracle.security.am.upgrade.plugin.util.UpgradeCommonUtil.copyFilesFromSrc(Unknown Source)
          at oracle.security.am.wlst.util.WLSTServerUtil.copyMbeanXmlFiles(WLSTServerUtil.java:1214)
          at oracle.security.am.wlst.util.WLSTServerUtil.executeCommand(WLSTServerUtil.java:208)
          at oracle.security.am.wlst.WLSTWrapper.executeCommand(WLSTWrapper.java:151)
          at oracle.security.am.wlst.WLSTWrapper.execute(WLSTWrapper.java:106)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at org.python.core.PyReflectedFunction.__call__(Unknown Source)
          at org.python.core.PyReflectedFunction.__call__(Unknown Source)
          at org.python.core.PyObject.__call__(Unknown Source)
          at org.python.core.PyObject.invoke(Unknown Source)
          at OamInternal_handler$py.copyMbeanXmlFilesImpl$70(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/OamInternal_handler.py:1179)
          at OamInternal_handler$py.call_function(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/OamInternal_handler.py)
          at org.python.core.PyTableCode.call(Unknown Source)
          at org.python.core.PyTableCode.call(Unknown Source)
          at org.python.core.PyFunction.__call__(Unknown Source)
          at org.python.core.PyObject.invoke(Unknown Source)
          at Oam_common$py.copyMbeanXmlFiles$66(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/Oam_common.py:808)
          at Oam_common$py.call_function(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/Oam_common.py)
          at org.python.core.PyTableCode.call(Unknown Source)
          at org.python.core.PyTableCode.call(Unknown Source)
          at org.python.core.PyFunction.__call__(Unknown Source)
          at org.python.core.PyObject.__call__(Unknown Source)
          at org.python.core.PyObject.invoke(Unknown Source)

  Hi,
  I don't think I've seen that before. Have you performed the post patching step mentioned here: Applying the Latest Oracle Fusion Middleware Patch Set - 11g Release 2 (11.1.2.1)
  In addition to copying the files, it will also save the original ones in the .../output/upgrade directory (See Note 1563490.1), and it looks like a subsequent step is expecting at least one of them to be there.
  Regards,
  Colin

• Java.security.AccessControlException: No READ permission

  I got this a lot after the deployment. Is there a way to correct this?
  Thanks,
  java.security.AccessControlException: No READ permission for key: "weblogic.diagnostics.DiagnosticContext"
  at weblogic.workarea.WorkContextLocalMap.get(WorkContextLocalMap.java:61)
  at weblogic.workarea.WorkContextMapImpl.get(WorkContextMapImpl.java:66)
  at weblogic.diagnostics.context.DiagnosticContextFactory.findOrCreateDiagnosticContext(DiagnosticContextFactory.java
  at weblogic.diagnostics.context.DiagnosticContextFactory.findOrCreateDiagnosticContext(DiagnosticContextFactory.java
  at weblogic.diagnostics.context.DiagnosticContextHelper.getContextId(DiagnosticContextHelper.java:32)
  at weblogic.logging.LogEntryInitializer.getCurrentDiagnosticContextId(LogEntryInitializer.java:104)
  at weblogic.logging.LogEntryInitializer.initializeLogEntry(LogEntryInitializer.java:61)
  at weblogic.logging.WLLogger.log(WLLogger.java:38)
  at weblogic.logging.j2ee.ServletContextLogger.log(ServletContextLogger.java:84)
  at weblogic.servlet.internal.WebAppServletContext.log(WebAppServletContext.java:798)
  at org.springframework.web.servlet.FrameworkServlet.initWebApplicationContext(FrameworkServlet.java:251)
  at org.springframework.web.servlet.FrameworkServlet.initServletBean(FrameworkServlet.java:222)
  at org.springframework.web.servlet.HttpServletBean.init(HttpServletBean.java:117)
  at javax.servlet.GenericServlet.init(GenericServlet.java:256)
  at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:276)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
  at weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecurityHelper.java:68)
  at weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubLifecycleHelper.java:58)
  at weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHelper.java:48)
  at weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:504)
  at weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:1698)
  at weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(WebAppServletContext.java:1675)
  at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1595)
  at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:2734)
  at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:892)
  at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:336)
  at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
  at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
  at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
  at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:117)
  at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
  at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
  at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:26)
  at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:641)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
  at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:229)
  at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:154)
  at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:80)
  at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:181)
  at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:352)
  at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:52)
  at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:186)
  at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
  at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:233)
  at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
  at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
  at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:173)
  at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:89)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:67)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:183)
  at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:894)
  at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:336)
  at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
  at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
  at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
  Truncated. see log file for complete stacktrace
  java.security.AccessControlException: No READ permission for key: "weblogic.diagnostics.DiagnosticContext"
  at weblogic.workarea.WorkContextLocalMap.get(WorkContextLocalMap.java:61)

  I am having similar issue with, when trying to get anything from JNDI.
  Here is the error and I upgraded wls 8.1 to wls 9.2.
  Thanks.
  <2007-11-02 09:39:44,269> [ERROR] - Error retrieving system parameters (ViewpointProperties.java:<init>:496)
  java.security.AccessControlException: No READ permission for key: "weblogic.app.internal.AdminMode"
  at weblogic.workarea.WorkContextLocalMap.get(WorkContextLocalMap.java:61)
  at weblogic.workarea.WorkContextMapImpl.get(WorkContextMapImpl.java:66)
  at weblogic.application.utils.ApplicationVersionUtils.getCurrentAdminMode(ApplicationVersionUtils.java:469)
  at weblogic.application.utils.ApplicationVersionUtils.isAdminModeRequest(ApplicationVersionUtils.java:485)
  at weblogic.jndi.internal.AdminModeHandler.checkLookup(AdminModeHandler.java:103)
  at weblogic.jndi.internal.ServerNamingNode.lookupHere(ServerNamingNode.java:170)
  at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:206)
  at weblogic.jndi.internal.WLEventContextImpl.lookup(WLEventContextImpl.java:269)
  at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:362)
  at javax.naming.InitialContext.lookup(InitialContext.java:351)