Описание
ELSA-2012-0135: java-1.6.0-openjdk security update (CRITICAL)
[1:1.6.0.0-1.43.1.10.6]
- Updated to IcedTea6 1.10.6
- Resolves: rhbz#787144
- Security fixes
- S7082299: Fix in AtomicReferenceArray
- S7088367: Fix issues in java sound
- S7110683: Issues with some KeyboardFocusManager method
- S7110687: Issues with TimeZone class
- S7110700: Enhance exception throwing mechanism in ObjectStreamClass
- S7110704: Issues with some method in corba
- S7112642: Incorrect checking for graphics rendering object
- S7118283: Better input parameter checking in zip file processing
- S7126960: Add property to limit number of request headers to the HTTP Server
- Bug fixes
- RH580478: Desktop files should not use hardcoded path
- Removed upstreamed patch7 - java-1.6.0-openjdk-6_2-Z-rmi-fix.patch
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
java-1.6.0-openjdk
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-demo
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-devel
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-javadoc
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-src
1.6.0.0-1.43.1.10.6.el6_2
Oracle Linux i686
java-1.6.0-openjdk
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-demo
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-devel
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-javadoc
1.6.0.0-1.43.1.10.6.el6_2
java-1.6.0-openjdk-src
1.6.0.0-1.43.1.10.6.el6_2
Ссылки на источники
Связанные уязвимости
ELSA-2012-0322: java-1.6.0-openjdk security update (IMPORTANT)
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Se ...