Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 10: JAVA-1.6.0-OPENJDK Moderate: Privilege Escalation Threat

fedora
Calendar Grey February 4, 2009
Dist Fedora Esm H88
This release of Python in Ubuntu rectifies a serious vulnerability in the libraries handling of JSON. Enhancements and corrections also implemented.
This fixes a default security policy, that allowed unsigned applets to access the gnome-java-bridge, allowing a privilege escalation (#474431)

Summary

The OpenJDK runtime environment.

This fixes a default security policy, that allowed unsigned applets to access

the gnome-java-bridge, allowing a privilege escalation (#474431). There are

also several bug fixes included in this update.

* Mon Jan 26 2009 Lillian Angel - 1:1.6.0-10.b14

- Updated sources.

* Fri Jan 23 2009 Lillian Angel - 1:1.6.0-10.b14

- Added accessibility patch.

* Thu Jan 22 2009 Lillian Angel - 1:1.6.0-10.b14

- Updated to icedtea-1.4 snapshot.

- Updated release.

- Removed netbeans and visualvm.

- Added hotspot source.

- Added --with-hotspot-src-zip build option.

- Set runtests to 1.

- Updated jtreg log.

- Updated openjdkver.

- Updated openjdkdate.

- Added new patch to add GNOME to java.security.

- Resolves: rhbz#472953

- Resolves: rhbz#475081

- Resolves: rhbz#452573

- Resolves: rhbz#474431

- Resolves: rhbz#474503

- Resolves: rhbz#472862

- Resolves: rhbz#477351

- Resolves: rhbz#475109

- Resolves: rhbz#476462

* Sun Jan 11 2009 Lillian Angel - 1:1.6.0-8.b12

- Removed README.plugin, updated source list.

- Updated release.

[ 1 ] Bug #476462 - IcedTea Web Browser Plugin applet issue when loading in SSL

https://bugzilla.redhat.com/show_bug.cgi?id=476462

[ 2 ] Bug #452573 - Bad window size calculation after using pack()

https://bugzilla.redhat.com/show_bug.cgi?id=452573

[ 3 ] Bug #475109 - NullPointerException when launching JNLP file

https://bugzilla.redhat.com/show_bug.cgi?id=475109

[ 4 ] Bug #472953 - Java plugin fails when visiting an https site whose certificate is not in the trust path

https://bugzilla.redhat.com/show_bug.cgi?id=472953

[ 5 ] Bug #475081 - Komercni banka's online banking does not work

https://bugzilla.redhat.com/show_bug.cgi?id=475081

[ 6 ] Bug #474431 - Untrusted applets can access the gnome-java-bridge

https://bugzilla.redhat.com/show_bug.cgi?id=474431

[ 7 ] Bug #474503 - RFE: Update HotSpot

https://bugzilla.redhat.com/show_bug.cgi?id=474503

[ 8 ] Bug #472862 - Run tests and include jtreg-check summary

https://bugzilla.redhat.com/show_bug.cgi?id=472862

su -c 'yum update java-1.6.0-openjdk' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory Fedora privilege escalation security fix java applet policy

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 10
Version: 1.6.0.0
Release: 9.b14.fc10
URL: https://icedtea.classpath.org/
Summary: OpenJDK Runtime Environment

Topics%20covered

Topics Covered

security advisory Fedora privilege escalation security fix java applet policy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here