Описание
ELSA-2013-0770: java-1.6.0-openjdk security update (IMPORTANT)
[1:1.6.0.0-1.61.1.11.11]
- added and applied (temporally) patch10 fixToFontSecurityFix.patch.
- fixing regression in fonts introduced by one security patch.
- Resolves: rhbz#950386
[1:1.6.0.0-1.60.1.11.11]
- added and applied (temporally) one more patch to xalan/xerces privileges
- patch9 jaxp-backport-factoryfinder.patch
- will be upstreamed
- Resolves: rhbz#950386
[1:1.6.0.0-1.59.1.11.11]
- Updated to icedtea6 1.11.11 - fixed xalan/xerxes privledges
- removed patch 8 - removingOfAarch64.patch.patch - fixed upstream
- Resolves: rhbz#950386
[1:1.6.0.0-1.58.1.11.10]
- Updated to icedtea6 1.11.10
- rewritten java-1.6.0-openjdk-java-access-bridge-security.patch
- excluded aarch64.patch
- by patch 8 - removingOfAarch64.patch.patch
- Resolves: rhbz#950386
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
java-1.6.0-openjdk
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-demo
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-devel
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-javadoc
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-src
1.6.0.0-1.40.1.11.11.0.1.el5_9
Oracle Linux i386
java-1.6.0-openjdk
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-demo
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-devel
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-javadoc
1.6.0.0-1.40.1.11.11.0.1.el5_9
java-1.6.0-openjdk-src
1.6.0.0-1.40.1.11.11.0.1.el5_9
Oracle Linux 6
Oracle Linux x86_64
java-1.6.0-openjdk
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-demo
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-devel
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-javadoc
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-src
1.6.0.0-1.61.1.11.11.el6_4
Oracle Linux i686
java-1.6.0-openjdk
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-demo
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-devel
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-javadoc
1.6.0.0-1.61.1.11.11.el6_4
java-1.6.0-openjdk-src
1.6.0.0-1.61.1.11.11.el6_4
Ссылки на источники
Связанные уязвимости
ELSA-2013-0752: java-1.7.0-openjdk security update (IMPORTANT)
ELSA-2013-0751: java-1.7.0-openjdk security update (CRITICAL)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.