ELSA-2011-0857

Описание

[1:1.6.0.0-1.22.1.9.8.0.1.el5_6]

• Add oracle-enterprise.patch

[1:1.6.0.0-1.22.1.9.8]

• Resolves: rhbz#668488
• Bumped to IcedTea6 1.9.8
• RH706250, S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win)
• RH706106, S6618658, CVE-2011-0865: Vulnerability in deserialization
• RH706111, S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show()
• RH706139, S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code
• RH706153, S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings
• RH706234, S7013971, CVE-2011-0869: Vulnerability in SAAJ
• RH706239, S7016340, CVE-2011-0870: Vulnerability in SAAJ
• RH706241, S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero
• RH706248, S7020198, CVE-2011-0871: ImageIcon creates Component with null acc
• RH706245, S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables

[1:1.6.0.0-1.22.1.9.7]

• Resolves bz690289
• Import from RHEL-5_6-Z
• Updated to IcedTea6 1.9.7
• Removed all plugin/webstart related commented lines
• Modified bz entry format in previous logs to get around cvs ack checking bug