11-16-2009, 02:52 PM

Important: java-1.6.0-openjdk security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: java-1.6.0-openjdk security update
Advisory ID:       RHSA-2009:1584-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1584.html
Issue date:        2009-11-16
CVE Names:         CVE-2009-2409 CVE-2009-3728 CVE-2009-3869
                   CVE-2009-3871 CVE-2009-3873 CVE-2009-3874
                   CVE-2009-3875 CVE-2009-3876 CVE-2009-3877
                   CVE-2009-3879 CVE-2009-3880 CVE-2009-3881
                   CVE-2009-3882 CVE-2009-3883 CVE-2009-3884
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)
contains the software and tools that users need to run applications written
using the Java programming language.

An integer overflow flaw and buffer overflow flaws were found in the way
the JRE processed image files. An untrusted applet or application could use
these flaws to extend its privileges, allowing it to read and write local
files, as well as to execute local applications with the privileges of the
user running the applet or application. (CVE-2009-3869, CVE-2009-3871,
CVE-2009-3873, CVE-2009-3874)

An information leak was found in the JRE. An untrusted applet or
application could use this flaw to extend its privileges, allowing it to
read and write local files, as well as to execute local applications with
the privileges of the user running the applet or application. (CVE-2009-3881)

It was discovered that the JRE still accepts certificates with MD2 hash
signatures, even though MD2 is no longer considered a cryptographically
strong algorithm. This could make it easier for an attacker to create a
malicious certificate that would be treated as trusted by the JRE. With
this update, the JRE disables the use of the MD2 algorithm inside
signatures by default. (CVE-2009-2409)

A timing attack flaw was found in the way the JRE processed HMAC digests.
This flaw could aid an attacker using forged digital signatures to bypass
authentication checks. (CVE-2009-3875)

Two denial of service flaws were found in the JRE. These could be exploited
in server-side application scenarios that process DER-encoded
(Distinguished Encoding Rules) data. (CVE-2009-3876, CVE-2009-3877)

An information leak was found in the way the JRE handled color profiles. An
attacker could use this flaw to discover the existence of files outside of
the color profiles directory. (CVE-2009-3728)

A flaw in the JRE with passing arrays to the X11GraphicsDevice API was
found. An untrusted applet or application could use this flaw to access and
modify the list of supported graphics configurations. This flaw could also
lead to sensitive information being leaked to unprivileged code.
(CVE-2009-3879)

It was discovered that the JRE passed entire objects to the logging API.
This could lead to sensitive information being leaked to either untrusted
or lower-privileged code from an attacker-controlled applet which has
access to the logging API and is therefore able to manipulate (read and/or
call) the passed objects. (CVE-2009-3880)

Potential information leaks were found in various mutable static variables.
These could be exploited in application scenarios that execute untrusted
scripting code. (CVE-2009-3882, CVE-2009-3883)

An information leak was found in the way the TimeZone.getTimeZone method
was handled. This method could load time zone files that are outside of the
[JRE_HOME]/lib/zi/ directory, allowing a remote attacker to probe the local
file system. (CVE-2009-3884)

Note: The flaws concerning applets in this advisory, CVE-2009-3869,
CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3879, CVE-2009-3880,
CVE-2009-3881 and CVE-2009-3884, can only be triggered in
java-1.6.0-openjdk by calling the "appletviewer" application.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

510197 - CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)
530053 - CVE-2009-3873 OpenJDK JPEG Image Writer quantization problem (6862968)
530057 - CVE-2009-3875 OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)
530061 - CVE-2009-3876 OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877
530062 - CVE-2009-3869 OpenJDK JRE AWT setDifflCM stack overflow (6872357)
530063 - CVE-2009-3871 OpenJDK JRE AWT setBytePixels heap overflow (6872358)
530067 - CVE-2009-3874 OpenJDK ImageI/O JPEG heap overflow (6874643)
530098 - CVE-2009-3728 OpenJDK ICC_Profile file existence detection information leak (6631533)
530173 - CVE-2009-3881 OpenJDK resurrected classloaders can still have children (6636650)
530175 - CVE-2009-3882 CVE-2009-3883 OpenJDK information leaks in mutable variables (6657026,6657138)
530296 - CVE-2009-3880 OpenJDK UI logging information leakage (6664512)
530297 - CVE-2009-3879 OpenJDK GraphicsConfiguration information leak (6822057)
530300 - CVE-2009-3884 OpenJDK zoneinfo file existence information leak (6824265)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884
http://www.redhat.com/security/updates/classification/#important
http://blogs.sun.com/security/entry/advance_notification_of_security_updates6

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLAXUeXlSAg2UNWIIRAvmLAJ9PWshPNP+NNBHdHun60+ HomuWmxwCfT4lc
PbIVgG8m8W70pLuSl/kC/Hc=
=895T
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
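
The timing issue behind CVE-2009-3875 (bug 530057 above), as an added Java example that is not part of the advisory and is not OpenJDK source: an early-exit byte comparison does work that depends on how many leading bytes of a supplied HMAC tag are correct, while a constant-time comparison does not. The class and method names, the key and the message are constructed for illustration, and the count of bytes examined stands in for measured time.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class DigestCompareDemo {

    /**
     * Early-exit comparison: returns as soon as one byte differs.
     * The return value is the number of bytes examined, which stands in
     * for the running time a caller could observe.
     */
    static int earlyExitBytesExamined(byte[] expected, byte[] supplied) {
        if (expected.length != supplied.length) {
            return 0;
        }
        for (int i = 0; i < expected.length; i++) {
            if (expected[i] != supplied[i]) {
                return i + 1;   // work done grows with the matching prefix
            }
        }
        return expected.length;
    }

    /**
     * Constant-time comparison: every byte is examined and the differences
     * are OR-ed together, so the work done is the same wherever (or whether)
     * the two tags differ.
     */
    static boolean constantTimeEquals(byte[] expected, byte[] supplied) {
        if (expected.length != supplied.length) {
            return false;       // the tag length is public, so this leaks nothing secret
        }
        int diff = 0;
        for (int i = 0; i < expected.length; i++) {
            diff |= expected[i] ^ supplied[i];
        }
        return diff == 0;
    }

    /** Copy of tag whose first matchingPrefix bytes are correct and whose next byte is wrong. */
    static byte[] tagWithMatchingPrefix(byte[] tag, int matchingPrefix) {
        byte[] altered = tag.clone();
        altered[matchingPrefix] ^= 0x01;
        return altered;
    }

    public static void main(String[] args) throws Exception {
        // Constructed key and message, for illustration only.
        byte[] key = "constructed-demo-key".getBytes(StandardCharsets.UTF_8);
        byte[] message = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(key, "HmacSHA1"));
        byte[] expected = mac.doFinal(message);   // 20-byte HMAC-SHA1 tag

        for (int prefix : new int[] {0, 1, 8, 19}) {
            byte[] supplied = tagWithMatchingPrefix(expected, prefix);
            System.out.printf(
                "correct leading bytes=%2d  early-exit examined=%2d  constant-time examined=%2d  accepted=%b%n",
                prefix,
                earlyExitBytesExamined(expected, supplied),
                expected.length,
                constantTimeEquals(expected, supplied));
        }

        // The genuine tag is accepted by both the hand-written constant-time
        // check and the library call, which is the one to use on a patched JRE.
        byte[] genuine = expected.clone();
        System.out.printf("genuine tag: constantTimeEquals=%b  MessageDigest.isEqual=%b%n",
            constantTimeEquals(expected, genuine),
            MessageDigest.isEqual(expected, genuine));
    }
}
```

Code that verifies MACs or signatures with its own loop or with `Arrays.equals` has the same early-exit shape and is worth reviewing alongside the JRE update.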
 
04-01-2010, 03:16 AM

Important: java-1.6.0-openjdk security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: java-1.6.0-openjdk security update
Advisory ID:       RHSA-2010:0339-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2010-0339.html
Issue date:        2010-03-31
CVE Names:         CVE-2009-3555 CVE-2010-0082 CVE-2010-0084
                   CVE-2010-0085 CVE-2010-0088 CVE-2010-0091
                   CVE-2010-0092 CVE-2010-0093 CVE-2010-0094
                   CVE-2010-0095 CVE-2010-0837 CVE-2010-0838
                   CVE-2010-0840 CVE-2010-0845 CVE-2010-0847
                   CVE-2010-0848
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)
contains the software and tools that users need to run applications written
using the Java programming language.

A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handle session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. (CVE-2009-3555)

This update disables renegotiation in the Java Secure Socket Extension
(JSSE) component. Unsafe renegotiation can be re-enabled using the
sun.security.ssl.allowUnsafeRenegotiation property. Refer to the following
Knowledgebase article for details:
http://kbase.redhat.com/faq/docs/DOC-20491

A number of flaws have been fixed in the Java Virtual Machine (JVM) and in
various Java class implementations. These flaws could allow an unsigned
applet or application to bypass intended access restrictions.
(CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0094)

An untrusted applet could access clipboard information if a drag operation
was performed over that applet's canvas. This could lead to an information
leak. (CVE-2010-0091)

The rawIndex operation incorrectly handled large values, causing the
corruption of internal memory structures, resulting in an untrusted applet
or application crashing. (CVE-2010-0092)

The System.arraycopy operation incorrectly handled large index values,
potentially causing array corruption in an untrusted applet or application.
(CVE-2010-0093)

Subclasses of InetAddress may incorrectly interpret network addresses,
allowing an untrusted applet or application to bypass network access
restrictions. (CVE-2010-0095)

In certain cases, type assignments could result in "non-exact" interface
types. This could be used to bypass type-safety restrictions.
(CVE-2010-0845)

A buffer overflow flaw in LittleCMS (embedded in OpenJDK) could cause an
untrusted applet or application using color profiles from untrusted sources
to crash. (CVE-2010-0838)

An input validation flaw was found in the JRE unpack200 functionality. An
untrusted applet or application could use this flaw to elevate its
privileges. (CVE-2010-0837)

Deferred calls to trusted applet methods could be granted incorrect
permissions, allowing an untrusted applet or application to extend its
privileges. (CVE-2010-0840)

A missing input validation flaw in the JRE could allow an attacker to crash
an untrusted applet or application. (CVE-2010-0848)

A flaw in Java2D could allow an attacker to execute arbitrary code with the
privileges of a user running an untrusted applet or application that uses
Java2D. (CVE-2010-0847)

Note: The flaws concerning applets in this advisory, CVE-2010-0082,
CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092,
CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838,
CVE-2010-0840, CVE-2010-0847, and CVE-2010-0848, can only be triggered in
java-1.6.0-openjdk by calling the "appletviewer" application.

This update also provides three defense in depth patches. (BZ#575745,
BZ#575861, BZ#575789)

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation
575736 - CVE-2010-0082 OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217)
575740 - CVE-2010-0084 OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872)
575747 - CVE-2010-0085 OpenJDK File TOCTOU deserialization vulnerability (6736390)
575755 - CVE-2010-0088 OpenJDK Inflater/Deflater clone issues (6745393)
575756 - CVE-2010-0091 OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs (6887703)
575760 - CVE-2010-0092 OpenJDK AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149)
575764 - CVE-2010-0093 OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265)
575769 - CVE-2010-0094 OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)
575772 - CVE-2010-0095 OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954)
575775 - CVE-2010-0845 OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807)
575808 - CVE-2010-0838 OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653)
575818 - CVE-2010-0837 OpenJDK JAR "unpack200" must verify input parameters (6902299)
575846 - CVE-2010-0840 OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691)
575865 - CVE-2010-0848 OpenJDK AWT Library Invalid Index Vulnerability (6914823)
575871 - CVE-2010-0847 OpenJDK ImagingLib arbitrary code execution vulnerability (6914866)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.11.b16.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.11.b16.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.11.b16.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.11.b16.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.11.b16.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.11.b16.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-3555.html
https://www.redhat.com/security/data/cve/CVE-2010-0082.html
https://www.redhat.com/security/data/cve/CVE-2010-0084.html
https://www.redhat.com/security/data/cve/CVE-2010-0085.html
https://www.redhat.com/security/data/cve/CVE-2010-0088.html
https://www.redhat.com/security/data/cve/CVE-2010-0091.html
https://www.redhat.com/security/data/cve/CVE-2010-0092.html
https://www.redhat.com/security/data/cve/CVE-2010-0093.html
https://www.redhat.com/security/data/cve/CVE-2010-0094.html
https://www.redhat.com/security/data/cve/CVE-2010-0095.html
https://www.redhat.com/security/data/cve/CVE-2010-0837.html
https://www.redhat.com/security/data/cve/CVE-2010-0838.html
https://www.redhat.com/security/data/cve/CVE-2010-0840.html
https://www.redhat.com/security/data/cve/CVE-2010-0845.html
https://www.redhat.com/security/data/cve/CVE-2010-0847.html
https://www.redhat.com/security/data/cve/CVE-2010-0848.html
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-20491

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLtBAgXlSAg2UNWIIRAt2mAJ4klxIvRWik1FJYPs8FUr MLZrmWBQCgm+iF
b4ZTkfaf8Sz7v/xU89JhShE=
=dEPT
-----END PGP SIGNATURE-----


 
02-17-2011, 05:43 PM

Important: java-1.6.0-openjdk security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: java-1.6.0-openjdk security update
Advisory ID:       RHSA-2011:0281-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0281.html
Issue date:        2011-02-17
CVE Names:         CVE-2010-4448 CVE-2010-4450 CVE-2010-4465
                   CVE-2010-4469 CVE-2010-4470 CVE-2010-4472
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

A flaw was found in the Swing library. Forged TimerEvents could be used to
bypass SecurityManager checks, allowing access to otherwise blocked files
and directories. (CVE-2010-4465)

A flaw was found in the HotSpot component in OpenJDK. Certain bytecode
instructions confused the memory management within the Java Virtual Machine
(JVM), which could lead to heap corruption. (CVE-2010-4469)

A flaw was found in the way JAXP (Java API for XML Processing) components
were handled, allowing them to be manipulated by untrusted applets. This
could be used to elevate privileges and bypass secure XML processing
restrictions. (CVE-2010-4470)

It was found that untrusted applets could create and place cache entries in
the name resolution cache. This could allow an attacker targeted
manipulation over name resolution until the OpenJDK VM is restarted.
(CVE-2010-4448)

It was found that the Java launcher provided by OpenJDK did not check the
LD_LIBRARY_PATH environment variable for insecure empty path elements. A
local attacker able to trick a user into running the Java launcher while
working from an attacker-writable directory could use this flaw to load an
untrusted library, subverting the Java security model. (CVE-2010-4450)

A flaw was found in the XML Digital Signature component in OpenJDK.
Untrusted code could use this flaw to replace the Java Runtime Environment
(JRE) XML Digital Signature Transform or C14N algorithm implementations to
intercept digital signature operations. (CVE-2010-4472)

Note: All of the above flaws can only be remotely triggered in OpenJDK by
calling the "appletviewer" application.

This update also provides one defense in depth patch. (BZ#676019)

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

675942 - CVE-2010-4472 OpenJDK untrusted code allowed to replace DSIG/C14N implementation (6994263)
675958 - CVE-2010-4469 OpenJDK Hotspot verifier heap corruption (6878713)
675984 - CVE-2010-4465 OpenJDK Swing timer-based security manager bypass (6907662)
676005 - CVE-2010-4470 OpenJDK JAXP untrusted component state manipulation (6927050)
676019 - CVE-2010-4471 OpenJDK Java2D font-related system property leak (6985453)
676023 - CVE-2010-4448 OpenJDK DNS cache poisoning by untrusted applets (6981922)
676026 - CVE-2010-4450 OpenJDK Launcher incorrect processing of empty library path entries (6983554)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm

i386:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm

x86_64:
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4448.html
https://www.redhat.com/security/data/cve/CVE-2010-4450.html
https://www.redhat.com/security/data/cve/CVE-2010-4465.html
https://www.redhat.com/security/data/cve/CVE-2010-4469.html
https://www.redhat.com/security/data/cve/CVE-2010-4470.html
https://www.redhat.com/security/data/cve/CVE-2010-4472.html
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNXWtmXlSAg2UNWIIRAqpdAKDCCXlDTtOuTC5P0jxFUR GMj3z2mwCfX+4j
NWjZPNAJCcHgorBut6xD2jo=
=9zIQ
-----END PGP SIGNATURE-----
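
A check for the condition named in CVE-2010-4450 above, as an added Java example that is not part of the advisory and is not the OpenJDK launcher's code: it finds zero-length elements in an LD_LIBRARY_PATH-style value, which the dynamic linker interprets as the current working directory. The class and method names and the sample values are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;

public class LibraryPathCheck {

    /** Indexes of zero-length elements in a colon-separated search path. */
    static List<Integer> emptyElementIndexes(String path) {
        List<Integer> hits = new ArrayList<>();
        if (path == null || path.isEmpty()) {
            // Unset or empty variable: treated here as "no search path given"
            // (an assumption of this example), so there is nothing to inspect.
            return hits;
        }
        // Limit -1 keeps trailing empty strings, so "/usr/lib:" yields ["/usr/lib", ""].
        String[] elements = path.split(":", -1);
        for (int i = 0; i < elements.length; i++) {
            if (elements[i].isEmpty()) {
                hits.add(i);
            }
        }
        return hits;
    }

    /** The same path with zero-length elements dropped; the order of the rest is kept. */
    static String withoutEmptyElements(String path) {
        if (path == null) {
            return null;
        }
        List<String> kept = new ArrayList<>();
        for (String element : path.split(":", -1)) {
            if (!element.isEmpty()) {
                kept.add(element);
            }
        }
        return String.join(":", kept);
    }

    static void report(String label, String path) {
        List<Integer> hits = emptyElementIndexes(path);
        if (hits.isEmpty()) {
            System.out.printf("%-12s %-28s ok%n", label, String.valueOf(path));
        } else {
            System.out.printf("%-12s %-28s empty element(s) at %s -> use \"%s\"%n",
                label, path, hits, withoutEmptyElements(path));
        }
    }

    public static void main(String[] args) {
        // Constructed sample values covering each position an empty element can take.
        report("clean", "/usr/lib64:/opt/app/lib");
        report("leading", ":/usr/lib64");
        report("trailing", "/usr/lib64:");
        report("middle", "/usr/lib64::/opt/app/lib");

        // The value this JVM was actually started with (null when the variable is unset).
        report("environment", System.getenv("LD_LIBRARY_PATH"));
    }
}
```

A trailing colon commonly appears when a wrapper script appends `:$LD_LIBRARY_PATH` while that variable is unset, so launcher scripts are the first place to look.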


 
06-08-2011, 03:36 PM

Important: java-1.6.0-openjdk security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: java-1.6.0-openjdk security update
Advisory ID: RHSA-2011:0857-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0857.html
Issue date: 2011-06-08
CVE Names: CVE-2011-0862 CVE-2011-0864 CVE-2011-0865
CVE-2011-0867 CVE-2011-0868 CVE-2011-0869
CVE-2011-0871
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

Integer overflow flaws were found in the way Java2D parsed JPEG images and
user-supplied fonts. An attacker could use these flaws to execute arbitrary
code with the privileges of the user running an untrusted applet or
application. (CVE-2011-0862)

It was found that the MediaTracker implementation created Component
instances with unnecessary access privileges. A remote attacker could use
this flaw to elevate their privileges by utilizing an untrusted applet or
application that uses Swing. (CVE-2011-0871)

A flaw was found in the HotSpot component in OpenJDK. Certain bytecode
instructions confused the memory management within the Java Virtual Machine
(JVM), resulting in an applet or application crashing. (CVE-2011-0864)

An information leak flaw was found in the NetworkInterface class. An
untrusted applet or application could use this flaw to access information
about available network interfaces that should only be available to
privileged code. (CVE-2011-0867)

An incorrect float-to-long conversion, leading to an overflow, was found
in the way certain objects (such as images and text) were transformed in
Java2D. A remote attacker could use this flaw to crash an untrusted applet
or application that uses Java2D. (CVE-2011-0868)

It was found that untrusted applets and applications could misuse a SOAP
connection to incorrectly set global HTTP proxy settings instead of
setting them in a local scope. This flaw could be used to intercept HTTP
requests. (CVE-2011-0869)

A flaw was found in the way signed objects were deserialized. If trusted
and untrusted code were running in the same Java Virtual Machine (JVM), and
both were deserializing the same signed object, the untrusted code could
modify said object by using this flaw to bypass the validation checks on
signed objects. (CVE-2011-0865)

Note: All of the above flaws can only be remotely triggered in OpenJDK by
calling the "appletviewer" application.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which provide OpenJDK 6 b20 / IcedTea 1.9.8 and resolve these
issues. All running instances of OpenJDK Java must be restarted for the
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

706106 - CVE-2011-0865 OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)
706139 - CVE-2011-0862 OpenJDK: integer overflows in JPEGImageReader and font SunLayoutEngine (2D, 7013519)
706153 - CVE-2011-0867 OpenJDK: NetworkInterface information leak (Networking, 7013969)
706234 - CVE-2011-0869 OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)
706241 - CVE-2011-0868 OpenJDK: incorrect numeric type conversion in TransformHelper (2D, 7016495)
706245 - CVE-2011-0864 OpenJDK: JVM memory corruption via certain bytecode (HotSpot, 7020373)
706248 - CVE-2011-0871 OpenJDK: MediaTracker created Component instances with unnecessary privileges (Swing, 7020198)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.22.1.9.8.el5_6.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.22.1.9.8.el5_6.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.22.1.9.8.el5_6.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.22.1.9.8.el5_6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0862.html
https://www.redhat.com/security/data/cve/CVE-2011-0864.html
https://www.redhat.com/security/data/cve/CVE-2011-0865.html
https://www.redhat.com/security/data/cve/CVE-2011-0867.html
https://www.redhat.com/security/data/cve/CVE-2011-0868.html
https://www.redhat.com/security/data/cve/CVE-2011-0869.html
https://www.redhat.com/security/data/cve/CVE-2011-0871.html
https://access.redhat.com/security/updates/classification/#important
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD4DBQFN75bYXlSAg2UNWIIRAme0AJ4+XFg2MszHJ5Yln/WmTpYZUJ1bhACYse40
VXJYHPfgwdZZvyYtU0lj4g==
=g6w8
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 02-21-2012, 09:34 PM
 
Default Important: java-1.6.0-openjdk security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: java-1.6.0-openjdk security update
Advisory ID: RHSA-2012:0322-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0322.html
Issue date: 2012-02-21
CVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035
CVE-2012-0497 CVE-2012-0501 CVE-2012-0502
CVE-2012-0503 CVE-2012-0505 CVE-2012-0506
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

It was discovered that Java2D did not properly check graphics rendering
objects before passing them to the native renderer. Malicious input, or an
untrusted Java application or applet could use this flaw to crash the Java
Virtual Machine (JVM), or bypass Java sandbox restrictions. (CVE-2012-0497)

It was discovered that the exception thrown on deserialization failure did
not always contain a proper identification of the cause of the failure. An
untrusted Java application or applet could use this flaw to bypass Java
sandbox restrictions. (CVE-2012-0505)

The AtomicReferenceArray class implementation did not properly check if
the array was of the expected Object[] type. A malicious Java application
or applet could use this flaw to bypass Java sandbox restrictions.
(CVE-2011-3571)

It was discovered that the use of TimeZone.setDefault() was not restricted
by the SecurityManager, allowing an untrusted Java application or applet to
set a new default time zone, and hence bypass Java sandbox restrictions.
(CVE-2012-0503)

The HttpServer class did not limit the number of headers read from HTTP
requests. A remote attacker could use this flaw to make an application
using HttpServer use an excessive amount of CPU time via a
specially-crafted request. This update introduces a header count limit
controlled using the sun.net.httpserver.maxReqHeaders property. The default
value is 200. (CVE-2011-5035)

The Java Sound component did not properly check buffer boundaries.
Malicious input, or an untrusted Java application or applet could use this
flaw to cause the Java Virtual Machine (JVM) to crash or disclose a portion
of its memory. (CVE-2011-3563)

A flaw was found in the AWT KeyboardFocusManager that could allow an
untrusted Java application or applet to acquire keyboard focus and possibly
steal sensitive information. (CVE-2012-0502)

It was discovered that the CORBA (Common Object Request Broker
Architecture) implementation in Java did not properly protect repository
identifiers on certain CORBA objects. This could have been used to modify
immutable object data. (CVE-2012-0506)

An off-by-one flaw, causing a stack overflow, was found in the unpacker for
ZIP files. A specially-crafted ZIP archive could cause the Java Virtual
Machine (JVM) to crash when opened. (CVE-2012-0501)

This erratum also upgrades the OpenJDK package to IcedTea6 1.10.6. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960)
788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283)
788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687)
788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)
789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367)
789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683)
789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)
789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704)
789301 - CVE-2012-0497 OpenJDK: insufficient checking of the graphics rendering object (2D, 7112642)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.25.1.10.6.el5_8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-3563.html
https://www.redhat.com/security/data/cve/CVE-2011-3571.html
https://www.redhat.com/security/data/cve/CVE-2011-5035.html
https://www.redhat.com/security/data/cve/CVE-2012-0497.html
https://www.redhat.com/security/data/cve/CVE-2012-0501.html
https://www.redhat.com/security/data/cve/CVE-2012-0502.html
https://www.redhat.com/security/data/cve/CVE-2012-0503.html
https://www.redhat.com/security/data/cve/CVE-2012-0505.html
https://www.redhat.com/security/data/cve/CVE-2012-0506.html
https://access.redhat.com/security/updates/classification/#important
http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.6/NEWS
http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPRBvTXlSAg2UNWIIRArkfAJ9B74k5cUjTIZGepTvbu+ 3kEcMpIgCgo2FR
eIi8N5jfo4lIBLPu4EKFpVo=
=ChsF
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
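The header count limit described for CVE-2011-5035 in the advisory above, modelled in Python as an added example (this is not OpenJDK code). The parser, its names and the choice to reject the request once the cap is reached are assumptions; only the property name and the default of 200 come from the advisory.

```python
import io

# Default the advisory gives for the sun.net.httpserver.maxReqHeaders property.
MAX_REQ_HEADERS = 200


class TooManyHeaders(Exception):
    """Raised as soon as the cap is hit, before the rest of the request is read."""

    def __init__(self, limit, bytes_read):
        super().__init__("request exceeds %d headers" % limit)
        self.limit = limit
        self.bytes_read = bytes_read  # how much input was consumed before rejecting


def read_headers(stream, max_headers=MAX_REQ_HEADERS):
    """Read 'Name: value' lines up to the blank line that ends the header block.

    The count is checked while reading, so the work done for one request is
    bounded by max_headers no matter how many header lines the peer sends.
    """
    headers = []
    while True:
        line = stream.readline()
        if line in (b"\r\n", b"\n", b""):
            return headers
        if len(headers) >= max_headers:
            raise TooManyHeaders(max_headers, stream.tell())
        name, sep, value = line.partition(b":")
        if not sep or not name.strip():
            raise ValueError("malformed header line")
        headers.append((name.strip().lower(), value.strip()))


def sample_header_block(count):
    """Constructed test input: `count` header lines followed by the blank line."""
    return b"".join(b"X-Pad-%d: v\r\n" % i for i in range(count)) + b"\r\n"


if __name__ == "__main__":
    print(len(read_headers(io.BytesIO(sample_header_block(200)))), "headers accepted")
    try:
        read_headers(io.BytesIO(sample_header_block(100000)))
    except TooManyHeaders as err:
        print("rejected after reading", err.bytes_read, "bytes")
```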
 
Old 09-03-2012, 01:12 PM
 
Default Important: java-1.6.0-openjdk security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: java-1.6.0-openjdk security update
Advisory ID: RHSA-2012:1222-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1222.html
Issue date: 2012-09-03
CVE Names: CVE-2012-0547 CVE-2012-1682
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix two security issues are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

It was discovered that the Beans component in OpenJDK did not perform
permission checks properly. An untrusted Java application or applet could
use this flaw to use classes from restricted packages, allowing it to
bypass Java sandbox restrictions. (CVE-2012-1682)

A hardening fix was applied to the AWT component in OpenJDK, removing
functionality from the restricted SunToolkit class that was used in
combination with other flaws to bypass Java sandbox restrictions.
(CVE-2012-0547)

This erratum also upgrades the OpenJDK package to IcedTea6 1.10.9. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

846709 - Kerberos auth failing to work in openjdk due to two upstream bugs
853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)
853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-0547.html
https://www.redhat.com/security/data/cve/CVE-2012-1682.html
https://access.redhat.com/security/updates/classification/#important
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.9/NEWS

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFQRKx0XlSAg2UNWIIRAvYLAKDDSO9dy44uzKkJIqo3l4 S1J0T6lgCdHkqG
XqkxJT8OdIpLqE4b/b5pAGg=
=96Z2
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
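A patch-level check built from the RHEL 5 package lists in the advisories above, added here as an example (not Red Hat tooling): it orders version-release strings segment by segment, as RPM does, and reports which of these advisories an installed build predates. Function names are hypothetical, and epochs are assumed equal because the file names on the page carry none.

```python
import re

# Fixed RHEL 5 builds (version-release), copied from the package lists above.
FIXED_EL5 = [
    ("RHSA-2011:0857", "1.6.0.0-1.22.1.9.8.el5_6"),
    ("RHSA-2012:0322", "1.6.0.0-1.25.1.10.6.el5_8"),
    ("RHSA-2012:1222", "1.6.0.0-1.28.1.10.9.el5_8"),
]
ARCHES = ("i386", "i686", "x86_64", "noarch", "src")
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Order two version or release strings the way RPM does; returns -1, 0 or 1.

    Tilde and caret handling is omitted; the packages on this page use neither.
    """
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):          # numeric compare, so 9 < 10
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment is newer
        elif x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))


def split_nvr(package):
    """Split 'name-version-release[.arch][.rpm]' into (name, version, release)."""
    if package.endswith(".rpm"):
        package = package[:-4]
    for arch in ARCHES:
        if package.endswith("." + arch):
            package = package[: -len(arch) - 1]
            break
    name, version, release = package.rsplit("-", 2)
    return name, version, release


def missing_advisories(installed):
    """Return the advisories whose fixed build is newer than `installed`."""
    name, version, release = split_nvr(installed)
    if not name.startswith("java-1.6.0-openjdk"):
        raise ValueError("not a java-1.6.0-openjdk package: " + installed)
    if not re.search(r"\.el5(_\d+)?$", release):
        # An el6 build would compare as "newer" and hide a missing update.
        raise ValueError("table covers RHEL 5 builds only: " + installed)
    missing = []
    for advisory, fixed in FIXED_EL5:
        fixed_version, fixed_release = fixed.split("-")
        order = rpmvercmp(version, fixed_version) or rpmvercmp(release, fixed_release)
        if order < 0:
            missing.append(advisory)
    return missing


if __name__ == "__main__":
    # Input is one line of `rpm -q java-1.6.0-openjdk` output.
    print(missing_advisories("java-1.6.0-openjdk-1.6.0.0-1.22.1.9.8.el5_6.i386"))
```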
 