Oracle updates Java version numbering in light of recent security vulnerabilities
Finally Oracle have bowed to growing pressure and come up with a quick-fix to the security problems besieging Java.
As announced in a company bulletin last Tuesday, the company explained the type of releases wouldn’t change but their frequency and numbering would.
From now on, Limited Update releases will be numbered in multiples of 20, while CPUs will be in multiples of 5 following on from the prior Limited Update, adding one when it falls on an even number.
Therefore, the upcoming schedule for JDK 7 is as follows:7u40 then 7u45, 7u51, 7u55.
The cycle after that will be Limited Update 7u60, succeeded by CPUs 7u65, 7u71 and 7u75.
Crystal clear right?
Oracle say the new strategy allows them to insert security patches when necessary, without having a knock-on effect later in the order. The solution also retains backward compatibility with legacy systems.
Java’s steward admitted that the solution was a “compromise” with “a more elegant” option of “changing the version format of the JDK to accommodate multiple types of releases” impossible until a future major release comes along. It would be a seismic shift which would cause incompatibilities and would also need adequate time for developers to adjust.
While some might be confused by this approach or say that it doesn’t go far enough, it’s the only option left on the table for Oracle. Continuing to endure the negative press and the wrath of the community as more security vulnerabilities are found isn’t ideal, but neither is more upheaval than necessary just at the moment. With Java 8 falling foul of security issues last month, it’s now or never.
Image courtesy of CarbonNYC