--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2009-1373
2009-02-05 01:18:26
--------------------------------------------------------------------------------Name        : java-1.6.0-openjdk
Product     : Fedora 10
Version     : 1.6.0.0
Release     : 9.b14.fc10
URL         : https://icedtea.classpath.org/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

--------------------------------------------------------------------------------Update Information:

This fixes a default security policy, that allowed unsigned applets to access
the gnome-java-bridge, allowing a privilege escalation (#474431).    There are
also several bug fixes included in this update.
--------------------------------------------------------------------------------ChangeLog:

* Mon Jan 26 2009 Lillian Angel  - 1:1.6.0-10.b14
- Updated sources.
* Fri Jan 23 2009 Lillian Angel  - 1:1.6.0-10.b14
- Added accessibility patch.
* Thu Jan 22 2009 Lillian Angel  - 1:1.6.0-10.b14
- Updated to icedtea-1.4 snapshot.
- Updated release.
- Removed netbeans and visualvm.
- Added hotspot source.
- Added --with-hotspot-src-zip build option.
- Set runtests to 1.
- Updated jtreg log.
- Updated openjdkver.
- Updated openjdkdate.
- Added new patch to add GNOME to java.security.
- Resolves: rhbz#472953
- Resolves: rhbz#475081
- Resolves: rhbz#452573
- Resolves: rhbz#474431
- Resolves: rhbz#474503
- Resolves: rhbz#472862
- Resolves: rhbz#477351
- Resolves: rhbz#475109
- Resolves: rhbz#476462
* Sun Jan 11 2009 Lillian Angel  - 1:1.6.0-8.b12
- Removed README.plugin, updated source list.
- Updated release.
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #476462 - IcedTea Web Browser Plugin applet issue when loading in SSL
        https://bugzilla.redhat.com/show_bug.cgi?id=476462
  [ 2 ] Bug #452573 - Bad window size calculation after using pack()
        https://bugzilla.redhat.com/show_bug.cgi?id=452573
  [ 3 ] Bug #475109 - NullPointerException when launching JNLP file
        https://bugzilla.redhat.com/show_bug.cgi?id=475109
  [ 4 ] Bug #472953 - Java plugin fails when visiting an https site whose certificate is not in the trust path
        https://bugzilla.redhat.com/show_bug.cgi?id=472953
  [ 5 ] Bug #475081 - Komercni banka's online banking does not work
        https://bugzilla.redhat.com/show_bug.cgi?id=475081
  [ 6 ] Bug #474431 - Untrusted applets can access the gnome-java-bridge
        https://bugzilla.redhat.com/show_bug.cgi?id=474431
  [ 7 ] Bug #474503 - RFE: Update HotSpot
        https://bugzilla.redhat.com/show_bug.cgi?id=474503
  [ 8 ] Bug #472862 - Run tests and include jtreg-check summary
        https://bugzilla.redhat.com/show_bug.cgi?id=472862
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update java-1.6.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-9.b14.fc10

February 4, 2009
This fixes a default security policy, that allowed unsigned applets to access the gnome-java-bridge, allowing a privilege escalation (#474431)

Summary

The OpenJDK runtime environment.

This fixes a default security policy, that allowed unsigned applets to access

the gnome-java-bridge, allowing a privilege escalation (#474431). There are

also several bug fixes included in this update.

* Mon Jan 26 2009 Lillian Angel - 1:1.6.0-10.b14

- Updated sources.

* Fri Jan 23 2009 Lillian Angel - 1:1.6.0-10.b14

- Added accessibility patch.

* Thu Jan 22 2009 Lillian Angel - 1:1.6.0-10.b14

- Updated to icedtea-1.4 snapshot.

- Updated release.

- Removed netbeans and visualvm.

- Added hotspot source.

- Added --with-hotspot-src-zip build option.

- Set runtests to 1.

- Updated jtreg log.

- Updated openjdkver.

- Updated openjdkdate.

- Added new patch to add GNOME to java.security.

- Resolves: rhbz#472953

- Resolves: rhbz#475081

- Resolves: rhbz#452573

- Resolves: rhbz#474431

- Resolves: rhbz#474503

- Resolves: rhbz#472862

- Resolves: rhbz#477351

- Resolves: rhbz#475109

- Resolves: rhbz#476462

* Sun Jan 11 2009 Lillian Angel - 1:1.6.0-8.b12

- Removed README.plugin, updated source list.

- Updated release.

[ 1 ] Bug #476462 - IcedTea Web Browser Plugin applet issue when loading in SSL

https://bugzilla.redhat.com/show_bug.cgi?id=476462

[ 2 ] Bug #452573 - Bad window size calculation after using pack()

https://bugzilla.redhat.com/show_bug.cgi?id=452573

[ 3 ] Bug #475109 - NullPointerException when launching JNLP file

https://bugzilla.redhat.com/show_bug.cgi?id=475109

[ 4 ] Bug #472953 - Java plugin fails when visiting an https site whose certificate is not in the trust path

https://bugzilla.redhat.com/show_bug.cgi?id=472953

[ 5 ] Bug #475081 - Komercni banka's online banking does not work

https://bugzilla.redhat.com/show_bug.cgi?id=475081

[ 6 ] Bug #474431 - Untrusted applets can access the gnome-java-bridge

https://bugzilla.redhat.com/show_bug.cgi?id=474431

[ 7 ] Bug #474503 - RFE: Update HotSpot

https://bugzilla.redhat.com/show_bug.cgi?id=474503

[ 8 ] Bug #472862 - Run tests and include jtreg-check summary

https://bugzilla.redhat.com/show_bug.cgi?id=472862

su -c 'yum update java-1.6.0-openjdk' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2009-1373 2009-02-05 01:18:26 Product : Fedora 10 Version : 1.6.0.0 Release : 9.b14.fc10 URL : https://icedtea.classpath.org/ Summary : OpenJDK Runtime Environment Description : The OpenJDK runtime environment. This fixes a default security policy, that allowed unsigned applets to access the gnome-java-bridge, allowing a privilege escalation (#474431). There are also several bug fixes included in this update. * Mon Jan 26 2009 Lillian Angel - 1:1.6.0-10.b14 - Updated sources. * Fri Jan 23 2009 Lillian Angel - 1:1.6.0-10.b14 - Added accessibility patch. * Thu Jan 22 2009 Lillian Angel - 1:1.6.0-10.b14 - Updated to icedtea-1.4 snapshot. - Updated release. - Removed netbeans and visualvm. - Added hotspot source. - Added --with-hotspot-src-zip build option. - Set runtests to 1. - Updated jtreg log. - Updated openjdkver. - Updated openjdkdate. - Added new patch to add GNOME to java.security. - Resolves: rhbz#472953 - Resolves: rhbz#475081 - Resolves: rhbz#452573 - Resolves: rhbz#474431 - Resolves: rhbz#474503 - Resolves: rhbz#472862 - Resolves: rhbz#477351 - Resolves: rhbz#475109 - Resolves: rhbz#476462 * Sun Jan 11 2009 Lillian Angel - 1:1.6.0-8.b12 - Removed README.plugin, updated source list. - Updated release. [ 1 ] Bug #476462 - IcedTea Web Browser Plugin applet issue when loading in SSL https://bugzilla.redhat.com/show_bug.cgi?id=476462 [ 2 ] Bug #452573 - Bad window size calculation after using pack() https://bugzilla.redhat.com/show_bug.cgi?id=452573 [ 3 ] Bug #475109 - NullPointerException when launching JNLP file https://bugzilla.redhat.com/show_bug.cgi?id=475109 [ 4 ] Bug #472953 - Java plugin fails when visiting an https site whose certificate is not in the trust path https://bugzilla.redhat.com/show_bug.cgi?id=472953 [ 5 ] Bug #475081 - Komercni banka's online banking does not work https://bugzilla.redhat.com/show_bug.cgi?id=475081 [ 6 ] Bug #474431 - Untrusted applets can access the gnome-java-bridge https://bugzilla.redhat.com/show_bug.cgi?id=474431 [ 7 ] Bug #474503 - RFE: Update HotSpot https://bugzilla.redhat.com/show_bug.cgi?id=474503 [ 8 ] Bug #472862 - Run tests and include jtreg-check summary https://bugzilla.redhat.com/show_bug.cgi?id=472862 su -c 'yum update java-1.6.0-openjdk' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 10
Version : 1.6.0.0
Release : 9.b14.fc10
URL : https://icedtea.classpath.org/
Summary : OpenJDK Runtime Environment

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved