LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2012:095: java-1.6.0-openjdk Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Multiple security issues were identified and fixed in OpenJDK (icedtea6): * S7079902, CVE-2012-1711: Refine CORBA data models * S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2012:095
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : java-1.6.0-openjdk
 Date    : June 18, 2012
 Affected: 2010.1, 2011., Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple security issues were identified and fixed in OpenJDK
 (icedtea6):
 
 * S7079902, CVE-2012-1711: Refine CORBA data models
 * S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
 * S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
 * S7143606, CVE-2012-1717: File.createTempFile should be improved
 for temporary files created by the platform.
 * S7143872, CVE-2012-1718: Improve certificate extension processing
 * S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
 * S7152811, CVE-2012-1723: Issues in client compiler
 * S7157609, CVE-2012-1724: Issues with loop
 * S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile
 * S7110720: Issue with vm config file loadingIssue with vm config
 file loading
 * S7145239: Finetune package definition restriction
 * S7160677: missing else in fix for 7152811
 
 The updated packages provides icedtea6-1.11.3 which is not vulnerable
 to these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1711
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1716
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1717
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1723
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1724
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1725
 http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
 http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 02c1a7a3563478acb220758d7cc4b59a  2010.1/i586/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
 d726d77a80cbcbb2950877c5042bda69  2010.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
 fe64aa7633dcfa4eb0fe67dfc390c435  2010.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
 043ace12873a531986f1ae954cc3d8cd  2010.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
 b4d810861dc6a7b909ec48737920f5fc  2010.1/i586/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdv2010.2.i586.rpm 
 a6a38f5bb7754d779871b2104aec6fc8  2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 594bfca5dc2fba096ffaa21698e2c7a3  2010.1/x86_64/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
 fb01e3019f1f5e823287a39c68f1170c  2010.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
 f6363ce6f9f23a5dbacc33c8c39ebdc9  2010.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
 b32e4edd1959e9974ee8c7dcaf4058d3  2010.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
 1348417b4ea0072122f6b730d6d6dc63  2010.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm 
 a6a38f5bb7754d779871b2104aec6fc8  2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.src.rpm

 Mandriva Linux 2011:
 674379bdf52c4a41d3305936c7eff1aa  2011/i586/java-1.6.0-openjdk-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
 63d8a5d6bf4785a0421385fa98529430  2011/i586/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
 13935b834116870ca15a16a49c979a9b  2011/i586/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
 43256750b71f5d1fb83a101557d8f4f8  2011/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
 bda2c5ac1774f53e1af11b63a7f4e8e1  2011/i586/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm 
 277b3fbf68229aa5249e0999db11bc3b  2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1.src.rpm

 Mandriva Linux 2011/X86_64:
 3606504a3516077390012c0e64278bce  2011/x86_64/java-1.6.0-openjdk-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
 bd19f0742c1eada1d422d2a8975e0acb  2011/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
 2ec9e7b37105839c19ea7b934b22cd41  2011/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
 41896f4d4504752dbe13ab2867848170  2011/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
 757e1cf60cadbaf7b43ae5fe20528adf  2011/x86_64/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm 
 277b3fbf68229aa5249e0999db11bc3b  2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1.src.rpm

 Mandriva Enterprise Server 5:
 9c6e06dd8ed1f926081a57ee24b64b5e  mes5/i586/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
 689ce76c039dfbf9d31748598521b017  mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
 a83f0b6fdaa03bcfdd65ea23dffb5cc4  mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
 47aee7abb00eb28444dce0e325202334  mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
 bd254da4559a4e483d8fdc7e6bbe4c6e  mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm 
 97288c2f2e19934685153c58d3381cde  mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 56fb8ac45e0f0e6dc06abf6171251ba1  mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
 15617fcd73aa5b2f704327c3ee0f3db7  mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
 244d6a8e07afcd5817447694860880c1  mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
 7da7f73665cc6661a0216bd010e7afe2  mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
 4159505d3b9ae04c0a24ed7ff5d0d6ea  mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm 
 97288c2f2e19934685153c58d3381cde  mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Releases Open Source Tool for Testing Web App Security Scanners
Most Targeted Attacks Exploit Privileged Accounts
NotCompable sets new standards for mobile botnet sophistication
Hands on with Caine Linux: Pentesting and UEFI compatible
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.