Oracle has released new Java 7 CPU (see meaning here) release: 7u25.
The release contains, in addition to usual security bug fixes, several changes that are also targeted to improve security.
The complete list of changes is here but let me remark the most important changes:
- several changes on signed jar management including the check, before execution, that the certificate is valid (not revoked). The check can delay applet/application startup.
- new attributes on JAR manifest file (permissions, to control jar execution authorizations, and codebase,to control who is using the JAR) has been introduced to let JAR author to better control JAR usage.
Other 40 bug fixes are documented here.