Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

openSUSE 11.3 & 11.4: 2011:0706-1 Important: Java 1.6.0 Security Fix

opensuse
Calendar Grey June 28, 2011
Dist Opensuse Esm H88
An update bulletin for Mandriva outlines patches addressing multiple security flaws in the python-3_6 package.
An update that fixes 11 vulnerabilities is now available

Description

Icedtea as included in java-1_6_0-openjdk was updated to

fix several security issues:

* S6213702, CVE-2011-0872: (so) non-blocking sockets with

TCP urgent disabled get still selected for read ops (win)

* S6618658, CVE-2011-0865: Vulnerability in deserialization

* S7012520, CVE-2011-0815: Heap overflow vulnerability in

FileDialog.show()

* S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows

in 2D code

* S7013969, CVE-2011-0867: NetworkInterface.toString can

reveal bindings

* S7013971, CVE-2011-0869: Vulnerability in SAAJ

* S7016340, CVE-2011-0870: Vulnerability in SAAJ

* S7016495, CVE-2011-0868: Crash in Java 2D transforming an

image with scale close to zero

* S7020198, CVE-2011-0871: ImageIcon creates Component with

null acc

* S7020373, CVE-2011-0864: JSR rewriting can overflow

memory address size

Topics%20covered

Topics Covered

security advisory security issue important java openSUSE patch instructions icedtea

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch icedtea-web-4788

- openSUSE 11.3:

zypper in -t patch icedtea-web-4788

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64):

icedtea-web-1.1-0.2.1

java-1_6_0-openjdk-1.6.0.0_b22.1.10.2-4.3.1

java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.2-4.3.1

- openSUSE 11.4 (noarch):

icedtea-web-javadoc-1.1-0.2.1

java-1_6_0-openjdk-demo-1.6.0.0_b22.1.10.2-4.3.1

java-1_6_0-openjdk-javadoc-1.6.0.0_b22.1.10.2-4.3.1

java-1_6_0-openjdk-src-1.6.0.0_b22.1.10.2-4.3.1

- openSUSE 11.3 (i586 x86_64):

icedtea-web-1.1-0.2.1

java-1_6_0-openjdk-1.6.0.0_b22.1.10.2-4.2.1

java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.2-4.2.1

- openSUSE 11.3 (noarch):

icedtea-web-javadoc-1.1-0.2.1

java-1_6_0-openjdk-demo-1.6.0.0_b22.1.10.2-4.2.1

java-1_6_0-openjdk-javadoc-1.6.0.0_b22.1.10.2-4.2.1

java-1_6_0-openjdk-src-1.6.0.0_b22.1.10.2-4.2.1

References

https://www.suse.com/security/cve/CVE-2011-0815.html

https://www.suse.com/security/cve/CVE-2011-0822.html

https://www.suse.com/security/cve/CVE-2011-0862.html

https://www.suse.com/security/cve/CVE-2011-0864.html

https://www.suse.com/security/cve/CVE-2011-0865.html

https://www.suse.com/security/cve/CVE-2011-0867.html

https://www.suse.com/security/cve/CVE-2011-0868.html

https://www.suse.com/security/cve/CVE-2011-0869.html

https://www.suse.com/security/cve/CVE-2011-0870.html

https://www.suse.com/security/cve/CVE-2011-0871.html

https://www.suse.com/security/cve/CVE-2011-0872.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2011:0706-1
Rating: important
Affected Products: openSUSE 11.4 openSUSE 11.3 .

Topics%20covered

Topics Covered

security advisory security issue important java openSUSE patch instructions icedtea

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here