CA-96.05.README
Issue date: March 5, 1996

Revision history
  Mar. 15, 1996   Pointers to Netscape Version 2.01 

This file is a supplement to CERT advisory CA-96.05, "Java Implementations Can
Allow Connections to an Arbitrary Host." We update this file as additional
information becomes available.

Note: We recommend checking with your vendor for current MD5 checksum values.
      After we publish checksums in advisories and READMEs, the checksums may
      become obsolete because the files they refer to have been updated.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Added March 15, 1996

Although our CA-96.05 CERT advisory does not discuss JavaScript, there have
been a series of recent postings to newsgroups concerning a vulnerability in
the way Netscape Navigator (Version 2.0) supports JavaScript.

As a clarification to our readers, this problem is different from the problem
described in advisory CA-96.05.

Netscape Version 2.01 is now available. This version addresses the Java Applet
Security Manager and the JavaScript problems recently discussed.  For
additional information about these issues and to obtain the new release,
please see:

	 http://home.netscape.com/eng/mozilla/2.01/relnotes/


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~