CERT has just put out an alert regarding exploits possible in both the Java Developer's Kit and Java Runtime Environment. These affect both versions 5 and 6. Sun has updates available now.
Since at least JRE is installed on most systems with web browsers, and there are apparently malicious sites already exploiting the holes, it's important to get the latest versions included in Vector repositories.
I'd also like to make a plea that the Vector 5.8 packages be updated as well.