On February 1, Oracle pulled the trigger early on the February release, which had originally been scheduled for February 19, due to a serious vulnerability that affected Java at the browser level.Source: PC World
As a result of the hastened release, Oracle didn't manage to include a "small number" of fixes that had been planned for inclusion, according to the blog.
Critical patch releases for Java SE are cumulative in nature, meaning that any user who didn't apply the group released on February 1 will get everything at once in the February 19 batch, according to the post.
More Java security updates on the way
Posted on Monday, February 11 2013 @ 11:28 CET by Thomas De Maesschalck