[ https://issues.apache.org/jira/browse/HADOOP-9282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13786046#comment-13786046 ]
Steve Loughran commented on HADOOP-9282: ---------------------------------------- @Kevin: the security issues are all related to sandbox-breaches in the Java browser plugins. What oracle mean is "they will no longer issue monthly or emergency patches for the latest set of 0-day exploits being seen in the field" # this is not relevant to server-side Java at all # everyone should always turn off the java browser plugin, because the oracle patches trail the exploits by 0-31 days. This doesn't mean that anyone wants to stay with Java6, only that Hadoop places load on the JVMs in a way that almost nothing before has done, and that can find and break a JVM in odd ways -which is also why everyone is keen to point out the specific java versions used. A lot of people are using it on Java7, openjdk7, and we should update the docs for hadoop 2.1 to say that > Java 7 support > -------------- > > Key: HADOOP-9282 > URL: https://issues.apache.org/jira/browse/HADOOP-9282 > Project: Hadoop Common > Issue Type: Bug > Components: documentation > Reporter: Kevin Lyda > > The Hadoop Java Versions page makes no mention of Java 7. > http://wiki.apache.org/hadoop/HadoopJavaVersions > Java 6 is EOL as of this month ( > http://www.java.com/en/download/faq/java_6.xml ) and that's after extending > the date twice: https://blogs.oracle.com/henrik/entry/java_6_eol_h_h While > Oracle has recently released a number of security patches, chances are more > security issues will come up and we'll be left running clusters we can't > patch if we stay with Java 6. > Does Hadoop support Java 7 and if so could the docs be changed to indicate > that? -- This message was sent by Atlassian JIRA (v6.1#6144)