The IBM 1.4.2 SR13-FP8 Java release includes the IBM Java 2 RuntimeEnvironment and the IBM Java 2 Software Development Kit.A denial of service flaw was found in the way certain strings wereconverted to Double objects. A remote attacker could use this flaw to causeJava based applications to hang, for example, if they parsed Double valuesin a specially-crafted HTTP request. (CVE-2010-4476)Note: The java-1.4.2-ibm packages were renamed to java-1.4.2-ibm-sap tocorrect a naming overlap; however, java-1.4.2-ibm-sap does notautomatically obsolete the previous java-1.4.2-ibm packages for Red HatEnterprise Linux 4 and 5 for SAP. Refer to the RHBA-2010:0491 andRHBA-2010:0530 advisories, listed in the References, for furtherinformation.All users of java-1.4.2-ibm-sap for Red Hat Enterprise Linux 4, 5 and 6 forSAP are advised to upgrade to these updated packages, which contain the IBM1.4.2 SR13-FP8 Java release. All running instances of IBM Java must berestarted for this update to take effect.