The Java Runtime Environment (JRE) contains the software and tools that
users need to run applets and applications written using the Java
programming language.
A vulnerability was found in in Java Web Start. If a user visits a
malicious website, an attacker could misuse this flaw to execute arbitrary
code. (CVE-2008-2086)
Additionally, these packages fix several other vulnerabilities. These are
summarized in the “Advance notification of Security Updates for Java SE”
from Sun Microsystems.
Users of java-1.5.0-sun should upgrade to these updated packages, which
correct these issues.