Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Fedora 11 FEDORA-2009-8329 Critical: OpenJDK Security Issues Fix

fedora
Calendar Grey August 7, 2009
Dist Fedora Esm H88
Timely patches for Ubuntu 20's OpenJDK feature essential safety fixes. Update promptly to maintain system security.
Urgent security updates have been included

Summary

The OpenJDK runtime environment.

Update Information:

Urgent security updates have been included

Topics%20covered

Topics Covered

security advisory security issue critical Fedora threat resolution urgent update OpenJDK

Change Log

* Tue Aug 4 2009 Lillian Angel - 1:1.6.0-27.b16 - Updated java-1.6.0-openjdk-netx.patch, and renamed to java-1.6.0-openjdk-netxandplugin.patch. - Added java-1.6.0-openjdk-securitypatches.patch. - Resolves: rhbz#512101 - Resolves: rhbz#512896 - Resolves: rhbz#512914 - Resolves: rhbz#512907 - Resolves: rhbz#512921 - Resolves: rhbz#511915 - Resolves: rhbz#512915 - Resolves: rhbz#512920 - Resolves: rhbz#512714 - Resolves: rhbz#513215 - Resolves: rhbz#513220 - Resolves: rhbz#513222 - Resolves: rhbz#513223 - Resolves: rhbz#503794 * Mon Aug 3 2009 Christopher Aillon - 1:1.6.0.0-26.b16 - Rebuild against newer gecko * Fri Jul 17 2009 Jan Horak - 1:1.6.0.0-25.b16 - Rebuild against newer gecko * Thu Jul 9 2009 Lillian Angel - 1:1.6.0-24.b16 - Added java-1.6.0-openjdk-netx.patch - Moved policytool to devel package. - Updated release. - Resolves: rhbz#507870 - Resolves: rhbz#471346 * Tue Jun 30 2009 Christopher Aillon - 1:1.6.0.0-23.b16 - Rebuild against newer gecko * Fri May 29 2009 Lillian Angel - 1:1.6.0-22.b16 - Fixed abs-install-dir to be %{_jvmdir}/java-1.6.0-openjdk-1.6.0.0 * Tue May 19 2009 Lillian Angel - 1:1.6.0-21.b16 - Removed java-1.6.0-openjdk-lcms.patch java-1.6.0-openjdk-securitypatches.patch java-1.6.0-openjdk-pulsejava.patch. - Updated visualvm source. - Updated sparc patches. - Updated release. - Updated icedteaver. - Updated openjdkver. - Updated openjdkdate. - Adjusted buildoutputdir. - Set runtests to 0. Hanging test causing problems. - Include systemtap support, install hotspot tapset. - Resolves: rhbz#479041 - Resolves: rhbz#480075 - Resolves: rhbz#483095 - Resolves: rhbz#487872 - Resolves: rhbz#467591 - Resolves: rhbz#487452 - Resolves: rhbz#498109 - Resolves: rhbz#497191 - Resolves: rhbz#462876 - Resolves: rhbz#489586 - Resolves: rhbz#501391 * Wed May 6 2009 Lillian Angel - 1:1.6.0.0-20.b14 - Added devel requirement for netbeans-platform

References


[ 1 ] Bug #511915 - CVE-2009-0217 xmlsec1, mono, xml-security-c, xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass https://bugzilla.redhat.com/show_bug.cgi?id=511915 [ 2 ] Bug #513215 - CVE-2009-2475 OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167) https://bugzilla.redhat.com/show_bug.cgi?id=513215 [ 3 ] Bug #513220 - CVE-2009-2476 OpenJDK OpenType checks can be bypassed (6736293) https://bugzilla.redhat.com/show_bug.cgi?id=513220 [ 4 ] Bug #512921 - CVE-2009-2625 OpenJDK XML parsing Denial-Of-Service (6845701) https://bugzilla.redhat.com/show_bug.cgi?id=512921 [ 5 ] Bug #512896 - CVE-2009-2670 OpenJDK Untrusted applet System properties access (6738524) https://bugzilla.redhat.com/show_bug.cgi?id=512896 [ 6 ] Bug #512907 - CVE-2009-2671 CVE-2009-2672 OpenJDK Proxy mechanism information leaks (680107...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update java-1.6.0-openjdk' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: java-1.6.0-openjdk
Product: Fedora 11
Version: 1.6.0.0
Release: 27.b16.fc11
URL: https://icedtea.classpath.org/
Summary: OpenJDK Runtime Environment

Topics%20covered

Topics Covered

security advisory security issue critical Fedora threat resolution urgent update OpenJDK

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here