The remote host is missing updates announced in advisory GLSA 200506-14.

All Sun JDK users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.4.2.08' All Sun JRE users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.4.2.08' All Blackdown JDK users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/blackdown-jdk-1.4.2.02' All Blackdown JRE users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/blackdown-jre-1.4.2.02' Note to SPARC users: There is no stable secure Blackdown Java for the SPARC architecture. Affected users should remove the package until a SPARC package is released. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200506-14 http://bugs.gentoo.org/show_bug.cgi?id=96092 http://bugs.gentoo.org/show_bug.cgi?id=96229 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1 http://www.blackdown.org/java-linux/java2-status/security/Blackdown-SA-2005-02.txt

Sun's and Blackdown's JDK or JRE may allow untrusted applets to elevate their privileges.