A vulnerability in the Java Runtime Environment provided by dev-java/sun-jdk-1.4.2.07-r1 may allow an untrusted applet to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. For further details please have a look at the URL specified. Affected are all Sun 1.4 JDKs <=1.4.2_07, so it hits dev-java/sun-jdk-1.4.2.07-r1. The actual stable-lead dev-java/sun-jdk-1.4.2.08 seems to be fine, so removing or hard masking dev-java/sun-jdk-1.4.2.07-r1 should do the trick. Also other JDKs like dev-java/blackdown-jdk or dev-java/compaq-jdk might be affected, this should be investigated.
Java please advise also on other Java flavors.
1.4.2.08 is released and stable on the right platforms. I would say this is ready for a common GLSA with bug 96229.
removed the vulnerable version
GLSA 200506-14