Stay Vigilant with Timely Linux Security Advisories

security advisorysoftware updateimportant patch

openSUSE 15.3 & 15.4: Security Update for OpenJDK Java 1.8 Important Patch

An update that solves 13 vulnerabilities and has three fixes is now available. . openSUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0873-1 Rating: important References: #1193314 #1193444 #1193491 #1194926 #1194928 #1194929 #1194931 #1194932 #1194933 #1194934 #1194935 #1194937 #1194939 #1194940 #1194941 #1195163 Cross-References: CVE-2022-21248 CVE-2022-21282 CVE-2022-21283 CVE-2022-21293 CVE-2022-21294 CVE-2022-21296 CVE-2022-21299 CVE-2022-21305 CVE-2022-21340 CVE-2022-21341 CVE-2022-21349 CVE-2022-21360 CVE-2022-21365 CVSS scores: CVE-2022-21248 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2022-21248 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2022-21282 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-21282 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-21283 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21283 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21293 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21293 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21294 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21294 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21296 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-21296 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-21299 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21299 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21305 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2022-21305 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2022-21340 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21340 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21341 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21341 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21349 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21349 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21360 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21360 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21365 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2022-21365 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that solves 13 vulnerabilities and has three fixes is now available. Description: This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 (icedtea-3.22.0) Including the following security fixes: - CVE-2022-21248, bsc#1194926: Enhance cross VM serialization - CVE-2022-21283, bsc#1194937: Better String matching - CVE-2022-21293, bsc#1194935: Improve String constructions - CVE-2022-21294, bsc#1194934: Enhance construction of Identity maps - CVE-2022-21282, bsc#1194933: Better resolution of URIs - CVE-2022-21296, bsc#1194932: Improve SAX Parser configuration management - CVE-2022-21299,bsc#1194931: Improved scanning of XML entities - CVE-2022-21305, bsc#1194939: Better array indexing - CVE-2022-21340, bsc#1194940: Verify Jar Verification - CVE-2022-21341, bsc#1194941: Improve serial forms for transport - CVE-2022-21349: Improve Solaris font rendering - CVE-2022-21360, bsc#1194929: Enhance BMP image support - CVE-2022-21365, bsc#1194928: Enhanced BMP processing Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-873=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-873=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): java-1_8_0-openjdk-1.8.0.322-3.64.2 java-1_8_0-openjdk-accessibility-1.8.0.322-3.64.2 java-1_8_0-openjdk-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-debugsource-1.8.0.322-3.64.2 java-1_8_0-openjdk-demo-1.8.0.322-3.64.2 java-1_8_0-openjdk-demo-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-devel-1.8.0.322-3.64.2 java-1_8_0-openjdk-devel-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-headless-1.8.0.322-3.64.2 java-1_8_0-openjdk-headless-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-src-1.8.0.322-3.64.2 - openSUSE Leap 15.4 (noarch): java-1_8_0-openjdk-javadoc-1.8.0.322-3.64.2 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): java-1_8_0-openjdk-1.8.0.322-3.64.2 java-1_8_0-openjdk-accessibility-1.8.0.322-3.64.2 java-1_8_0-openjdk-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-debugsource-1.8.0.322-3.64.2 java-1_8_0-openjdk-demo-1.8.0.322-3.64.2 java-1_8_0-openjdk-demo-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-devel-1.8.0.322-3.64.2 java-1_8_0-openjdk-devel-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-headless-1.8.0.322-3.64.2 java-1_8_0-openjdk-headless-debuginfo-1.8.0.322-3.64.2 java-1_8_0-openjdk-src-1.8.0.322-3.64.2 - openSUSE Leap 15.3 (noarch): java-1_8_0-openjdk-javadoc-1.8.0.322-3.64.2 References: https://www.suse.com/security/cve/CVE-2022-21248.html https://www.suse.com/security/cve/CVE-2022-21282.html https://www.suse.com/security/cve/CVE-2022-21283.html https://www.suse.com/security/cve/CVE-2022-21293.html https://www.suse.com/security/cve/CVE-2022-21294.html https://www.suse.com/security/cve/CVE-2022-21296.html https://www.suse.com/security/cve/CVE-2022-21299.html https://www.suse.com/security/cve/CVE-2022-21305.html https://www.suse.com/security/cve/CVE-2022-21340.html https://www.suse.com/security/cve/CVE-2022-21341.html https://www.suse.com/security/cve/CVE-2022-21349.html https://www.suse.com/security/cve/CVE-2022-21360.html https://www.suse.com/security/cve/CVE-2022-21365.html https://bugzilla.suse.com/1193314 https://bugzilla.suse.com/1193444 https://bugzilla.suse.com/1193491 https://bugzilla.suse.com/1194926 https://bugzilla.suse.com/1194928 https://bugzilla.suse.com/1194929 https://bugzilla.suse.com/1194931 https://bugzilla.suse.com/1194932 https://bugzilla.suse.com/1194933 https://bugzilla.suse.com/1194934 https://bugzilla.suse.com/1194935 https://bugzilla.suse.com/1194937 https://bugzilla.suse.com/1194939 https://bugzilla.suse.com/1194940 https://bugzilla.suse.com/1194941 https://bugzilla.suse.com/1195163 . A vital patch has been released for openSUSE java-1_8_0-openjdk, tackling 13 vulnerabilities and delivering essential corrections.. openSUSE Security, java Update, Software Patch, Security Fixes, OpenJDK. . Severity: Important. LinuxSecurity.com Team

Mar 16, 2022 •Important OpenSUSE

security advisoryRed Hatsecurity fix

Red Hat Enterprise Linux 7 RHSA-2021-2784-01 Critical Java Security

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: java-11-openjdk security update Advisory ID: RHSA-2021:2784-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2784 Issue date: 2021-07-21 CVE Names: CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 ==================================================================== 1. Summary: An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) *OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of OpenJDK Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1967811 - Prepare for the next quarterly OpenJDK upstream release (2021-07, 11.0.12) [rhel-7] 1982874 - CVE-2021-2341 OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) 1982879 - CVE-2021-2369 OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) 1983075 - CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: java-11-openjdk-11.0.12.0.7-0.el7_9.src.rpm x86_64: java-11-openjdk-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v.7): x86_64: java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: java-11-openjdk-11.0.12.0.7-0.el7_9.src.rpm x86_64: java-11-openjdk-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v.7): x86_64: java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: java-11-openjdk-11.0.12.0.7-0.el7_9.src.rpm ppc64: java-11-openjdk-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.ppc64.rpm ppc64le: java-11-openjdk-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.ppc64le.rpm s390x: java-11-openjdk-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.s390x.rpm x86_64: java-11-openjdk-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): ppc64: java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.ppc64.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.ppc64.rpm ppc64le: java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.ppc64le.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.ppc64le.rpm s390x: java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.s390x.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.s390x.rpm x86_64: java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v.7): Source: java-11-openjdk-11.0.12.0.7-0.el7_9.src.rpm x86_64: java-11-openjdk-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-2341 https://access.redhat.com/security/cve/CVE-2021-2369 https://access.redhat.com/security/cve/CVE-2021-2388 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYPfqwNzjgjWX9erEAQgNmA/+Jy9kklIZkm56LvGQqWrqhHe9UMsu7Nid PZ+XXaoNJ++azIIsAYHvvIWBQplFMcxpBMcBbg6wUOJqEKkwPxw8N/pBPg7O9v+M nEopmZYX0JbyA1c2RrWbB0d7WpcmaC1aCjCuq9U5iqWAYkou/4VFqg+gz5btvlhj 5b4x7cpEraR2MEBM8nGIoDk2VeLgykKZr4tElsWzSSheE7lm/bTB5wrgx6w1WWvy YrK8uzoVBjKdJ6qIL9VJ1c9i9ONeIOGKDJ93gAI/Uj0hD8AHewDW5mkC1HQJPPwe T+COVsqS4jgOtAzTSnnDwDN/ZUEsW0yKB1PIocOmWe4KPFYMvBhEZcFZWdm5t/45 VHY8/tNrYfGkCFR+4/SQC564gvGKv3DYbo0EMe2/SPGPcORMEwXmInNPRtLDLPS8 AYEUrPmhXbUmI4Z6H9Ib9wCpdzEYCW/x2lSXec1QW1zTtKs1Ex0aSg9MaC+vSs2N 5ObTCS4J7bWRs/Mjx9g76FfEQcgEX6Ob+4yT9JWJCWLi0hPxPeRT4XAHOr8yvnfZ IyMQjcvkqg037cDcrxZdW2BetaHKwziKaD0tuF7Tr6XJdHkGlMGr5h7iYwCY+2R2 X5McTcHH93VzWe45cepY0RXc8KCdPhWT2YI30EN2SmA72LkRMtNb/4ukquNfA/W5 7HnKQw5TGkY=YI4N -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical patch release issued for java-11-openjdk on Red Hat Enterprise Linux 7 tackling multiple vulnerabilities comprehensively.. Java Security Update, OpenJDK Security Fix, Red Hat Enterprise Linux. . Severity: Important. LinuxSecurity.com Team

Jul 21, 2021 •Important Red Hat

Banner 2 1028x280 1708121730 1 1771599631

security advisoryRed Hat Enterprise Linuximportant

RedHat Enterprise Linux 7: RHSA-2020-1512:01 Important: OpenJDK TLS Issue

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: java-1.8.0-openjdk security update Advisory ID: RHSA-2020:1512-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1512 Issue date: 2020-04-21 CVE Names: CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 ==================================================================== 1. Summary: An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incorrect boundschecks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) * OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) * OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) * OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) * OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) * OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) * OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) * OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) * OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) * OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of OpenJDK Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1823199 - CVE-2020-2754 OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) 1823200 - CVE-2020-2755 OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) 1823215 - CVE-2020-2756 OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) 1823216 - CVE-2020-2757 OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass(Serialization, 8224549) 1823224 - CVE-2020-2773 OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) 1823527 - CVE-2020-2800 OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) 1823542 - CVE-2020-2830 OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) 1823694 - CVE-2020-2803 OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) 1823844 - CVE-2020-2805 OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) 1823960 - CVE-2020-2781 OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v.7): Source: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.src.rpm ppc64: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.ppc64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.ppc64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.ppc64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.ppc64.rpm ppc64le: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.ppc64le.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.ppc64le.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.ppc64le.rpm s390x: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.s390x.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.s390x.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.s390x.rpm x86_64: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8.noarch.rpm ppc64: java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.ppc64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.ppc64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.ppc64.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.ppc64.rpm ppc64le: java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.ppc64le.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.ppc64le.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.ppc64le.rpm s390x: java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.s390x.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.s390x.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.s390x.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v.7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-2754 https://access.redhat.com/security/cve/CVE-2020-2755 https://access.redhat.com/security/cve/CVE-2020-2756 https://access.redhat.com/security/cve/CVE-2020-2757 https://access.redhat.com/security/cve/CVE-2020-2773 https://access.redhat.com/security/cve/CVE-2020-2781 https://access.redhat.com/security/cve/CVE-2020-2800 https://access.redhat.com/security/cve/CVE-2020-2803 https://access.redhat.com/security/cve/CVE-2020-2805 https://access.redhat.com/security/cve/CVE-2020-2830 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXp7Zs9zjgjWX9erEAQijNg//Wv9fjFvkxHC42Hd5YcN8qnGcf6gdOYDW pAv6Tv6q9pstko1bcUZYa0V01XejJYe/5uAADu3QGe1aMihI0VMjXrlFULW1laNS QTRtsnzTac5Gm3cJZKDXIv1ITI+fgGBWOvwN9lketAQtO5su+JbPTPQ4S0rBy55D gAVa8RVPi6qQt85HmXDrrpaAI2N8EFVkJBpC9ZRRFtI5wTv//bVx29Qw/sthlN3N qXwO8KZI44Xbe+vb6QpGcNkly+Dh7CdeVFV1OVkqx8eOVA8Cj45NAeBgP1W8n2VQ zt0GiKCbrV49e2AsBgmK49/J3N2L9xalsHSn54+6N02rcjf4dseV5flz5/unSIDc gPqFCTRbGZcIdjFbilvsklGBVfBzXjw5SjUemMKYggXa+6L74O+kuH4TRZRXhmEX 70Kvn1w0ta8P1bxK0A6BM6ZnDo5f7jVIQipk2M/hw6SDzu7ZA5zbDRCg419AZ8qc syuuHWmdfpRRj0XlUw5eBfBUq8UL+huEfRvu85zBhvhTw/Pyu+T0nQ7iofSyqvob 2LlLyPV14RBOzGIWLqrt2tGBUYanKULxIdT+VtSu4gyuloGc84onSLTqU0Ucbc85 nxpY6nc9GxOYWCMDITnr4xiRXQuUuE5V4UVwsFlr+xsEYcsAXdPLzyXzw8S8sL+Z yPjQbJvoqgE=5P5C -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Crucial Java security patch for Red Hat Enterprise Linux 7 tackles various vulnerabilities, particularly concerning TLS session re-establishment.. Java Security Update, Red Hat, OpenJDK, Important Advisory. . Severity: Important. LinuxSecurity.com Team

Apr 21, 2020 •Important Red Hat

security advisoryupdateimportant

RedHat: RHSA-2020-0123-01 Critical: OpenJDK 8 Vulnerability Fix

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2019:0791-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:0791 Issue date: 2019-04-22 CVE Names: CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 ==================================================================== 1. Summary: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le, s390x 3. Description: The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software DevelopmentKit. Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of OpenJDK Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1700440 - CVE-2019-2602 OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) 1700447 - CVE-2019-2698 OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) 1700564 - CVE-2019-2684 OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.221-2.6.18.0.el7_6.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v.7): Source: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.221-2.6.18.0.el7_6.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.src.rpm ppc64: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm ppc64le: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm s390x: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.s390x.rpm x86_64: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v.7): Source: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.src.rpm aarch64: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm ppc64le: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm s390x: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.s390x.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.221-2.6.18.0.el7_6.noarch.rpm ppc64: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.ppc64.rpm ppc64le: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm s390x: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.s390x.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE(POWER9) Server Optional (v. 7): aarch64: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.aarch64.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.221-2.6.18.0.el7_6.noarch.rpm ppc64le: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.ppc64le.rpm s390x: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.s390x.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.221-2.6.18.0.el7_6.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2019-2602 https://access.redhat.com/security/cve/CVE-2019-2684 https://access.redhat.com/security/cve/CVE-2019-2698 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXL3QONzjgjWX9erEAQhAORAAlEmDy/pMDy9tnkhgFY6OAik+HThI/sjy 5s+3nV2lqM0xGwwtm41Pj32/LsUEMZtIzMCSDBF4xAWW4jCPYx0hqEONuw9XZUTk yBstPfyNuyX4Gt9RIjcCUpL1Zm20ciVvlQgJsNf3JHiWD5Dq8yUsnibEwSn+IgeL NtgVDe6Mb06rttC7LZY9fppnsoiQsgUgVe8pLDZImuMGzqCFm03h5aeU83M3L0Ta gL5yACMbnSy8UB6QFDKmbJ2dh5FEk6sbDeh8sq4zJ602PoKuCZvQangM36Cv1HFS andLlz4+5DgeWKCHxZkl5Dzc45UT2hKNlqWQJ/yHkT/osGpef2Elo6atHx3u0H/q JcQ+1vcYePcskegC8rKK6K06srrRV47iVs10RTo+QC7d/ZY9QcSeE226UxV1/EmQ pGHekSsFiuPYg35Zsm2CGFZuYVd8zm885Gt00m/5ILzohsu4hz07+M53LOG1mCoJ +4U8tu03i5erksVxGcJ9BIslqnYnaRpR1qGoxGC9EVOBw6yPcZQwPYJDjnBdOR4l E2xc5oCmkbVgkCmN2aiTxcFKDAwgm48BiKi+oY/aGI6efBt0zjZqF1n+Y8D52p0q v1X4Fd4SkToOuZTesQGS+WroI3kZzxbwLvaHJtzzJh4fKGuksYfRjKPAz73AEFVt b18zTxa24sM=Wk9z -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A significant security patch has been released for java-1.7.0-openjdk to resolve severe vulnerabilities in Red Hat Enterprise Linux 7.. Java Update, Red Hat Security, OpenJDK Issues, Important Security Advisory. . Severity: Important. LinuxSecurity.com Team

Apr 22, 2019 •Important Red Hat

security advisorycriticalRed Hat Enterprise Linux

Red Hat Enterprise Linux 6 Critical: RHSA-2016-2659-01 Java Security Update

An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-ibm security update Advisory ID: RHSA-2016:2659-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2016:2659.html Issue date: 2016-11-07 CVE Names: CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5573 CVE-2016-5597 ==================================================================== 1. Summary: An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP35. Security Fix(es): * This update fixes multiple vulnerabilities in the IBMJava Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1385544 - CVE-2016-5573 OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519) 1385714 - CVE-2016-5554 OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739) 1385723 - CVE-2016-5542 OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973) 1386103 - CVE-2016-5597 OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838) 1386408 - CVE-2016-5556 Oracle JDK: unspecified vulnerability fixed in 6u131, 7u121, and 8u111 (2D) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v.5): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.5): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm ppc: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.6): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.i686.rpm ppc64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v.6): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2016-5542 https://access.redhat.com/security/cve/CVE-2016-5554 https://access.redhat.com/security/cve/CVE-2016-5556 https://access.redhat.com/security/cve/CVE-2016-5573 https://access.redhat.com/security/cve/CVE-2016-5597 https://access.redhat.com/security/updates/classification#critical https://www.ibm.com/support/pages/java-sdk/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYIIQvXlSAg2UNWIIRAuZaAKCDcNdjkrcQkSoUT9mSEiDSDWh5OQCgxBfm Jp7CboJWXxTP2eivUnijo4c=ULLW -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Important security patch released for java-1.6.0-ibm on Red Hat Enterprise Linux impacts several versions. Discover all the details!. Java Security Update, Red Hat Enterprise Linux, Critical Security Issues, IBM Java Runtime, Update Advisory. . Severity: Critical. LinuxSecurity.com Team

Nov 07, 2016 •Critical Red Hat

security advisoryred hatsystem upgrade

Red Hat: RHSA-2012:1466-01 Critical: IBM Java Update Security Issue

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-ibm security update Advisory ID: RHSA-2012:1466-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://access.redhat.com/errata/RHSA-2012:1466.html Issue date: 2012-11-15 CVE Names: CVE-2012-0547 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-1682 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4820 CVE-2012-4822 CVE-2012-4823 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5089 ==================================================================== 1. Summary: Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64,s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-0547, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1682, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR12 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476) 853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE,7186286) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867186 - CVE-2012-1532 Oracle JDK: unspecified vulnerability (Deployment) 867187 - CVE-2012-1533 Oracle JDK: unspecified vulnerability (Deployment) 867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX) 867190 - CVE-2012-3159 Oracle JDK: unspecified vulnerability (Deployment) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 876386 - CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution 876388 - CVE-2012-4822 IBM JDK: java.lang.class code execution 876389 - CVE-2012-4823 IBM JDK: java.lang.ClassLoder defineClass() code execution 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v.5): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.5): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm ppc: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.ppc.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.s390.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.i386.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.6): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.i686.rpm ppc64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.ppc.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.s390.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v.6): i386: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.i686.rpm java-1.6.0-ibm-devel-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm java-1.6.0-ibm-src-1.6.0.12.0-1jpp.1.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7.References: https://access.redhat.com/security/cve/CVE-2012-0547 https://access.redhat.com/security/cve/CVE-2012-1531 https://access.redhat.com/security/cve/CVE-2012-1532 https://access.redhat.com/security/cve/CVE-2012-1533 https://access.redhat.com/security/cve/CVE-2012-1682 https://access.redhat.com/security/cve/CVE-2012-3143 https://access.redhat.com/security/cve/CVE-2012-3159 https://access.redhat.com/security/cve/CVE-2012-3216 https://access.redhat.com/security/cve/CVE-2012-4820 https://access.redhat.com/security/cve/CVE-2012-4822 https://access.redhat.com/security/cve/CVE-2012-4823 https://access.redhat.com/security/cve/CVE-2012-5068 https://access.redhat.com/security/cve/CVE-2012-5069 https://access.redhat.com/security/cve/CVE-2012-5071 https://access.redhat.com/security/cve/CVE-2012-5072 https://access.redhat.com/security/cve/CVE-2012-5073 https://access.redhat.com/security/cve/CVE-2012-5075 https://access.redhat.com/security/cve/CVE-2012-5079 https://access.redhat.com/security/cve/CVE-2012-5081 https://access.redhat.com/security/cve/CVE-2012-5083 https://access.redhat.com/security/cve/CVE-2012-5084 https://access.redhat.com/security/cve/CVE-2012-5089 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQpV4wXlSAg2UNWIIRAh3xAKCCtopCdB74QaM37wyC/DyniWhpLQCghJEj Rm+cXgBdDZVQhZ96Ylamhpk=d/D8 -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Vital Oracle security patch for python-3.8.0 resolves numerous vulnerabilities with comprehensive solutions.. Red Hat Security, Java Update, IBM Security, Linux Patches. . Severity: Critical. LinuxSecurity.com Team

Nov 15, 2012 •Critical Red Hat

security advisorysecurity patchcritical severity

Red Hat: RHSA-2012-1391-01 Critical: Java Security Issue

Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-oracle security update Advisory ID: RHSA-2012:1391-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://access.redhat.com/errata/RHSA-2012:1391.html Issue date: 2012-10-18 CVE Names: CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 ==================================================================== 1. Summary: Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386,x86_64 3. Description: Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-5067, CVE-2012-5068, CVE-2012-5069, CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5089) All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 9. All running instances of Oracle Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796) 865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198) 865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865359 - CVE-2012-5074 OpenJDK:com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917) 865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549) 865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 867185 - CVE-2012-1531 Oracle JDK: unspecified vulnerability (2D) 867186 - CVE-2012-1532 Oracle JDK: unspecified vulnerability (Deployment) 867187 - CVE-2012-1533 Oracle JDK: unspecified vulnerability (Deployment) 867189 - CVE-2012-3143 Oracle JDK: unspecified vulnerability (JMX) 867190 - CVE-2012-3159 Oracle JDK: unspecified vulnerability (Deployment) 867192 - CVE-2012-5067 Oracle JDK: unspecified vulnerability (Deployment) 867193 - CVE-2012-5083 Oracle JDK: unspecified vulnerability (2D) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v.6): i386: java-1.7.0-oracle-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-devel-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-javafx-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-jdbc-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-plugin-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-src-1.7.0.9-1jpp.3.el6_3.i686.rpm x86_64: java-1.7.0-oracle-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.9-1jpp.3.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.7.0-oracle-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.9-1jpp.3.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.7.0-oracle-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-devel-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-javafx-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-jdbc-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-plugin-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-src-1.7.0.9-1jpp.3.el6_3.i686.rpm x86_64: java-1.7.0-oracle-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.9-1jpp.3.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v.6): i386: java-1.7.0-oracle-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-devel-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-javafx-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-jdbc-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-plugin-1.7.0.9-1jpp.3.el6_3.i686.rpm java-1.7.0-oracle-src-1.7.0.9-1jpp.3.el6_3.i686.rpm x86_64: java-1.7.0-oracle-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-devel-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-javafx-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-jdbc-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-plugin-1.7.0.9-1jpp.3.el6_3.x86_64.rpm java-1.7.0-oracle-src-1.7.0.9-1jpp.3.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7.References: https://access.redhat.com/security/cve/CVE-2012-1531 https://access.redhat.com/security/cve/CVE-2012-1532 https://access.redhat.com/security/cve/CVE-2012-1533 https://access.redhat.com/security/cve/CVE-2012-3143 https://access.redhat.com/security/cve/CVE-2012-3159 https://access.redhat.com/security/cve/CVE-2012-3216 https://access.redhat.com/security/cve/CVE-2012-4416 https://access.redhat.com/security/cve/CVE-2012-5067 https://access.redhat.com/security/cve/CVE-2012-5068 https://access.redhat.com/security/cve/CVE-2012-5069 https://access.redhat.com/security/cve/CVE-2012-5070 https://access.redhat.com/security/cve/CVE-2012-5071 https://access.redhat.com/security/cve/CVE-2012-5072 https://access.redhat.com/security/cve/CVE-2012-5073 https://access.redhat.com/security/cve/CVE-2012-5074 https://access.redhat.com/security/cve/CVE-2012-5075 https://access.redhat.com/security/cve/CVE-2012-5076 https://access.redhat.com/security/cve/CVE-2012-5077 https://access.redhat.com/security/cve/CVE-2012-5079 https://access.redhat.com/security/cve/CVE-2012-5081 https://access.redhat.com/security/cve/CVE-2012-5083 https://access.redhat.com/security/cve/CVE-2012-5084 https://access.redhat.com/security/cve/CVE-2012-5085 https://access.redhat.com/security/cve/CVE-2012-5086 https://access.redhat.com/security/cve/CVE-2012-5087 https://access.redhat.com/security/cve/CVE-2012-5088 https://access.redhat.com/security/cve/CVE-2012-5089 https://access.redhat.com/security/updates/classification/#critical https://www.oracle.com/security-alerts/javacpuoct2012.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQgDVsXlSAg2UNWIIRAqj5AKCA5Zr5QZ5yQMZDzKvsEKIByp5lowCfbyrO qyBnUuauQSs26TM3pJC47M4=NckS -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Important patch released for java-1.7.0-oraclecorrecting major vulnerabilities in Red Hat Enterprise Linux.. Java Security Update, Red Hat Advisory, Security Patch, Java Runtime Update. . Severity: Critical. LinuxSecurity.com Team

Oct 18, 2012 •Critical Red Hat

security advisorycritical issuered hat enterprise linux

Red Hat 6 RHSA-2012:0135-01 Critical: OpenJDK Java Security Issue

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-openjdk security update Advisory ID: RHSA-2012:0135-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2012:0135.html Issue date: 2012-02-14 CVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 ==================================================================== 1. Summary: Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or appletcould use this flaw to crash the Java Virtual Machine (JVM), or bypass Java sandbox restrictions. (CVE-2012-0497) It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2012-0505) The AtomicReferenceArray class implementation did not properly check if the array was of the expected Object[] type. A malicious Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2011-3571) It was discovered that the use of TimeZone.setDefault() was not restricted by the SecurityManager, allowing an untrusted Java application or applet to set a new default time zone, and hence bypass Java sandbox restrictions. (CVE-2012-0503) The HttpServer class did not limit the number of headers read from HTTP requests. A remote attacker could use this flaw to make an application using HttpServer use an excessive amount of CPU time via a specially-crafted request. This update introduces a header count limit controlled using the sun.net.httpserver.maxReqHeaders property. The default value is 200. (CVE-2011-5035) The Java Sound component did not properly check buffer boundaries. Malicious input, or an untrusted Java application or applet could use this flaw to cause the Java Virtual Machine (JVM) to crash or disclose a portion of its memory. (CVE-2011-3563) A flaw was found in the AWT KeyboardFocusManager that could allow an untrusted Java application or applet to acquire keyboard focus and possibly steal sensitive information. (CVE-2012-0502) It was discovered that the CORBA (Common Object Request Broker Architecture) implementation in Java did not properly protect repository identifiers on certain CORBA objects. This could have been used to modify immutable object data. (CVE-2012-0506) An off-by-one flaw, causing a stack overflow, was found in the unpacker for ZIP files. A specially-crafted ZIP archive couldcause the Java Virtual Machine (JVM) to crash when opened. (CVE-2012-0501) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.10.6. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960) 788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283) 788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687) 788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299) 789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367) 789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683) 789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700) 789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704) 789301 - CVE-2012-0497 OpenJDK: insufficient checking of the graphics rendering object (2D, 7112642) 6. Package List: Red Hat Enterprise Linux Desktop (v.6): Source: i386: java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: x86_64: java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm Red Hat Enterprise Linux Server (v.6): Source: i386: java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: i386: java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details onhow to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2011-3563 https://access.redhat.com/security/cve/CVE-2011-3571 https://access.redhat.com/security/cve/CVE-2011-5035 https://access.redhat.com/security/cve/CVE-2012-0497 https://access.redhat.com/security/cve/CVE-2012-0501 https://access.redhat.com/security/cve/CVE-2012-0502 https://access.redhat.com/security/cve/CVE-2012-0503 https://access.redhat.com/security/cve/CVE-2012-0505 https://access.redhat.com/security/cve/CVE-2012-0506 https://access.redhat.com/security/updates/classification#critical https://www.oracle.com/security-alerts/javacpufeb2012.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2012 Red Hat, Inc. . New java-1.6.0-openjdk updates issued for Red Hat Enterprise Linux 6 resolving major security vulnerabilities.. Java Update, Red Hat Security, OpenJDK Update, Critical Security Fix. . Severity: Critical. LinuxSecurity.com Team

Feb 14, 2012 •Critical Red Hat

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

openSUSE 15.3 & 15.4: Security Update for OpenJDK Java 1.8 Important Patch

Red Hat Enterprise Linux 7 RHSA-2021-2784-01 Critical Java Security

RedHat Enterprise Linux 7: RHSA-2020-1512:01 Important: OpenJDK TLS Issue

RedHat: RHSA-2020-0123-01 Critical: OpenJDK 8 Vulnerability Fix

Red Hat Enterprise Linux 6 Critical: RHSA-2016-2659-01 Java Security Update

Red Hat: RHSA-2012:1466-01 Critical: IBM Java Update Security Issue

Red Hat: RHSA-2012-1391-01 Critical: Java Security Issue

Red Hat 6 RHSA-2012:0135-01 Critical: OpenJDK Java Security Issue

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!