Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issuered hat

Red Hat: RHSA-2021-2845 Important: Java Update Addresses Multiple Issues

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: java-1.8.0-openjdk security and bug fix update Advisory ID: RHSA-2021:2845-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2845 Issue date: 2021-07-21 CVE Names: CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 ==================================================================== 1. Summary: An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitraryhost (Networking, 8258432) (CVE-2021-2341) * OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * JDK-8266279: 8u292 NoSuchAlgorithmException unrecognized algorithm name: PBEWithSHA1AndDESede (BZ#1960024) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of OpenJDK Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1960024 - JDK-8266279: 8u292 NoSuchAlgorithmException unrecognized algorithm name: PBEWithSHA1AndDESede 1967809 - Prepare for the next quarterly OpenJDK upstream release (2021-07, 8u302) [rhel-7] 1982874 - CVE-2021-2341 OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) 1982879 - CVE-2021-2369 OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) 1983075 - CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v.7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el7_9.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el7_9.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.src.rpm ppc64: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.ppc64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.ppc64.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.ppc64.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.ppc64.rpm ppc64le: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.ppc64le.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.ppc64le.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.ppc64le.rpm s390x: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.s390x.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.s390x.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.s390x.rpm x86_64: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el7_9.noarch.rpm ppc64: java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.ppc64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.ppc64.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.ppc64.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.ppc64.rpm ppc64le: java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.ppc64le.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.ppc64le.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.ppc64le.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.ppc64le.rpm s390x: java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.s390x.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.s390x.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.s390x.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.s390x.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.src.rpm x86_64: java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v.7): noarch: java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el7_9.noarch.rpm x86_64: java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-2341 https://access.redhat.com/security/cve/CVE-2021-2369 https://access.redhat.com/security/cve/CVE-2021-2388 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYPgYN9zjgjWX9erEAQhZixAAm4aIwkauLPfR1KYok9A6Lgb5eAGyBjXE g8/H42TUhEw99okpGCCAnp+p2VDSLlldJBmhKHKyXCxYnE/1pMs/ggxYWVXVLJ83 P5hSzPTASxLbgrEIxJiAvwl7Bd5P28KinAWFY8rR8vVweL0dRiHMN4qZ3BQ9bR22 Xm7jQQjFamm0+fOAwAMvrWTqH8iB9Bf4JigfkgaJox16oHDP8mBzvFfV9cBWvSnq ZWp2slyZMYfcSvF+EiOHoLr/Z5insb5bsiD7imhH60etXvleY5qPthKV6EuM3X+b ghGphTnLGSq9CI6jeTkMWztR131QEb0+b+dTKk7MmK7xs9eKFQMHL1FScupPwRkY hbjnuum5MYkNBop+WgopMFhQ/m0ovRzKY1SAzjPO+qFmY3doZ5xbR8Zd6+MRyWwL yMC3eHEOwr1jvuLQZO7lfDdnV2dDBL4mDwYB+OMcAy2p2B1OdTIW/M6S0wfh34j9 JUd4uLk7GAPbkzuwGUaRCiyzjtG7PnbUV31Q+nSsbqxi/pT1o8dI96YkxXnRlETA leDZ9h7Gz8Fo/0aVYeANPCkC7j+2DrHG2y8D7SgWfcweuzmhnJGh6hp0735JiDJE tuSk8aykxH27ZdWjMgqoD8XZ5yQI9zKeU1/2eXCtPb/xJL3I6LKWfEWILBlUs0uP mSfM57mwADg=l7r3 -----END PGP SIGNATURE----- -- RHSA-announce mailinglist This email address is being protected from spambots. You need JavaScript enabled to view it. . Oracle issues a crucial security and bug resolution update for java-1.8.0-oracle, tackling numerous vulnerabilities.. Java Update, Red Hat Security, OpenJDK Bug Fix, Enterprise Linux Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 21, 2021 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issuecritical

RHEL 6: RHSA-2013:0957-01 Critical: Java-1.7.0-OpenJDK Security Update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: RHSA-2013:0957-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2013:0957.html Issue date: 2013-06-19 CVE Names: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 ==================================================================== 1. Summary: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch,x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 3. Description: These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469) Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application. (CVE-2013-2459) Multiple improper permission check issues were discovered in the Sound, JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458, CVE-2013-2457, CVE-2013-2453, CVE-2013-2460) Multiple flaws in the Serialization, Networking, Libraries and CORBA components can be exploited by an untrusted Java application or applet to gain access to potentially sensitive information. (CVE-2013-2456, CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446) It was discovered that the Hotspot component did not properly handle out-of-memory errors. An untrusted Java application or applet could possibly use these flaws to terminate the Java Virtual Machine. (CVE-2013-2445) It was discovered that the AWT component did not properly manage certain resources and that the ObjectStreamClass of the Serialization component did not properly handle circular references. An untrusted Java application or applet could possibly use these flaws to cause a denial of service. (CVE-2013-2444, CVE-2013-2450) It was discovered that theLibraries component contained certain errorsrelated to XML security and the class loader. A remote attacker could possibly exploit these flaws to bypass intended security mechanisms or disclose potentially sensitive information and cause a denial of service. (CVE-2013-2407, CVE-2013-2461) It was discovered that JConsole did not properly inform the user when establishing an SSL connection failed. An attacker could exploit this flaw to gain access to potentially sensitive information. (CVE-2013-2412) It was discovered that GnomeFileTypeDetector did not check for read permissions when accessing files. An untrusted Java application or applet could possibly use this flaw to disclose potentially sensitive information. (CVE-2013-2449) It was found that documentation generated by Javadoc was vulnerable to a frame injection attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web content being displayed next to the documentation. This could be used to perform a phishing attack by providing frame content that spoofed a login form on the site hosting the vulnerable documentation. (CVE-2013-1571) It was discovered that the 2D component created shared memory segments with insecure permissions. A local attacker could use this flaw to read or write to the shared memory segment. (CVE-2013-1500) Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. After installing this update, users of icedtea-web must install RHBA-2013:0959 for icedtea-web to continue functioning. This erratum also upgrades the OpenJDK package to IcedTea7 2.3.10. Refer to the NEWS file, linked to in theReferences, for further information. 4. Solution: All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375) 975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243) 975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248) 975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253) 975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257) 975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438) 975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597) 975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601) 975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071) 975122 - CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209) 975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805) 975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328) 975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281) 975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744) 975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554) 975130 - CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424) 975131 - CVE-2013-2444 OpenJDK: Resource denialof service (AWT, 8001038) 975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642) 975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120) 975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124) 975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330) 975138 - CVE-2013-2452 OpenJDK: Unique VMIDs(Libraries, 8001033) 975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812) 975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318) 975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638) 975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132) 975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703) 975145 - CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check(Libraries, 8004288) 975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node (v.6): Source: x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v.6): Source: i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7.References: https://access.redhat.com/security/cve/CVE-2013-1500 https://access.redhat.com/security/cve/CVE-2013-1571 https://access.redhat.com/security/cve/CVE-2013-2407 https://access.redhat.com/security/cve/CVE-2013-2412 https://access.redhat.com/security/cve/CVE-2013-2443 https://access.redhat.com/security/cve/CVE-2013-2444 https://access.redhat.com/security/cve/CVE-2013-2445 https://access.redhat.com/security/cve/CVE-2013-2446 https://access.redhat.com/security/cve/CVE-2013-2447 https://access.redhat.com/security/cve/CVE-2013-2448 https://access.redhat.com/security/cve/CVE-2013-2449 https://access.redhat.com/security/cve/CVE-2013-2450 https://access.redhat.com/security/cve/CVE-2013-2452 https://access.redhat.com/security/cve/CVE-2013-2453 https://access.redhat.com/security/cve/CVE-2013-2454 https://access.redhat.com/security/cve/CVE-2013-2455 https://access.redhat.com/security/cve/CVE-2013-2456 https://access.redhat.com/security/cve/CVE-2013-2457 https://access.redhat.com/security/cve/CVE-2013-2458 https://access.redhat.com/security/cve/CVE-2013-2459 https://access.redhat.com/security/cve/CVE-2013-2460 https://access.redhat.com/security/cve/CVE-2013-2461 https://access.redhat.com/security/cve/CVE-2013-2463 https://access.redhat.com/security/cve/CVE-2013-2465 https://access.redhat.com/security/cve/CVE-2013-2469 https://access.redhat.com/security/cve/CVE-2013-2470 https://access.redhat.com/security/cve/CVE-2013-2471 https://access.redhat.com/security/cve/CVE-2013-2472 https://access.redhat.com/security/cve/CVE-2013-2473 https://access.redhat.com/security/updates/classification#critical https://access.redhat.com/errata/RHBA-2013:0959.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2013 Red Hat, Inc. . Essential enhancement for java-1.7.0-openjdk packages to rectify various security vulnerabilities in RHEL 6 settings.. Red Hat Enterprise Linux, java security patch, java update, openjdk fixes. . Severity: Critical.LinuxSecurity.com Team

Calendar 2 Jun 19, 2013 Critical Red Hat
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hat enterpriseimportant fix

Red Hat 5: RHSA-2009:1201-01 Important: OpenJDK Security Fixes

Updated java-1.6.0-openjdk packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Important: java-1.6.0-openjdk security and bug fix update Advisory ID: RHSA-2009:1201-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2009:1201.html Issue date: 2009-08-06 CVE Names: CVE-2009-0217 CVE-2009-2475 CVE-2009-2476 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2674 CVE-2009-2675 CVE-2009-2689 CVE-2009-2690 ==================================================================== 1. Summary: Updated java-1.6.0-openjdk packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 3. Description: These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE) contains the software and tools that users need to run applications written using the Java programming language. A flaw was found in the way the XML Digital Signature implementation in the JRE handled HMAC-based XML signatures. An attacker could use this flaw to create a crafted signature that could allow them to bypass authentication, or trick a user, applet, or application into accepting untrusted content. (CVE-2009-0217) Several potential information leaks were found in various mutable static variables. These could be exploited in application scenariosthat execute untrusted scripting code. (CVE-2009-2475) It was discovered that OpenType checks can be bypassed. This could allow a rogue application to bypass access restrictions by acquiring references to privileged objects through finalizer resurrection. (CVE-2009-2476) A denial of service flaw was found in the way the JRE processes XML. A remote attacker could use this flaw to supply crafted XML that would lead to a denial of service. (CVE-2009-2625) A flaw was found in the JRE audio system. An untrusted applet or application could use this flaw to gain read access to restricted System properties. (CVE-2009-2670) Two flaws were found in the JRE proxy implementation. An untrusted applet or application could use these flaws to discover the usernames of usersrunning applets and applications, or obtain web browser cookies and use them for session hijacking attacks. (CVE-2009-2671, CVE-2009-2672) An additional flaw was found in the proxy mechanism implementation. This flaw allowed an untrusted applet or application to bypass access restrictions and communicate using non-authorized socket or URL connections to hosts other than the origin host. (CVE-2009-2673) An integer overflow flaw was found in the way the JRE processes JPEG images. An untrusted application could use this flaw to extend its privileges, allowing it to read and write local files, as well as to execute local applications with the privileges of the user running the application. (CVE-2009-2674) An integer overflow flaw was found in the JRE unpack200 functionality. An untrusted applet or application could extend its privileges, allowing it to read and write local files, as well as to execute local applications with the privileges of the user running the applet or application. (CVE-2009-2675) It was discovered that JDK13Services grants unnecessary privileges to certain object types. This could be misused by an untrusted applet or application to use otherwise restricted functionality. (CVE-2009-2689) An information disclosure flaw was found inthe way private Java variables were handled. An untrusted applet or application could use this flaw to obtain information from variables that would otherwise be private. (CVE-2009-2690) Note: The flaws concerning applets in this advisory, CVE-2009-2475, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2689, and CVE-2009-2690, can only be triggered in java-1.6.0-openjdk by calling the "appletviewer" application. This update also fixes the following bug: * the EVR in the java-1.6.0-openjdk package as shipped with Red Hat Enterprise Linux allowed the java-1.6.0-openjdk package from the EPEL repository to take precedence (appear newer). Users using java-1.6.0-openjdk from EPEL would not have received security updates since October 2008. This update prevents the packages from EPEL from taking precedence. (BZ#499079) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 499079 - Bad EVR 511915 - CVE-2009-0217 xmlsec1, mono, xml-security-c, xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass 512896 - CVE-2009-2670 OpenJDK Untrusted applet System properties access (6738524) 512907 - CVE-2009-2671 CVE-2009-2672 OpenJDK Proxy mechanism information leaks (6801071) 512914 - CVE-2009-2673 OpenJDK proxy mechanism allows non-authorized socket connections (6801497) 512915 - CVE-2009-2674 Java Web Start Buffer JPEG processing integer overflow (6823373) 512920 - CVE-2009-2675 Java Web Start Buffer unpack200 processing integer overflow (6830335) 512921 - CVE-2009-2625 OpenJDK XML parsing Denial-Of-Service(6845701) 513215 - CVE-2009-2475 OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167) 513220 - CVE-2009-2476 OpenJDK OpenType checks can be bypassed (6736293) 513222 - CVE-2009-2689 OpenJDK JDK13Services grants unnecessary privileges (6777448) 513223 - CVE-2009-2690 OpenJDK private variable information disclosure (6777487) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: java-1.6.0-openjdk-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.2.b09.el5.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.2.b09.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: i386: java-1.6.0-openjdk-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.2.b09.el5.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.2.b09.el5.i386.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.2.b09.el5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.2.b09.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2009-0217 https://www.cve.org/CVERecord?id=CVE-2009-2475 https://www.cve.org/CVERecord?id=CVE-2009-2476 https://www.cve.org/CVERecord?id=CVE-2009-2625 https://www.cve.org/CVERecord?id=CVE-2009-2670 https://www.cve.org/CVERecord?id=CVE-2009-2671 https://www.cve.org/CVERecord?id=CVE-2009-2672 https://www.cve.org/CVERecord?id=CVE-2009-2673 https://www.cve.org/CVERecord?id=CVE-2009-2674 https://www.cve.org/CVERecord?id=CVE-2009-2675 https://www.cve.org/CVERecord?id=CVE-2009-2689 https://www.cve.org/CVERecord?id=CVE-2009-2690 https://access.redhat.com/security/updates/classification#important https://blogs.oracle.com/failaction/404.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2009 Red Hat, Inc. . Red Hat has released critical security advisories for java-1.6.0-openjdk, urging system admins to apply updates to mitigate risks and secure systems. Java Security Updates, OpenJDK Fixes, Red Hat Enterprise Security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 06, 2009 Important Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here