| |||||||||||||||||||
Mageia alert MGASA-2012-0260 (java-1.7.0-openjdk)
MGASA-2012-0260 Date: September 8th, 2012 Affected releases: 2 Description: Updated java-1.7.0-openjdk packages fix security vulnerability: A flaw in the Java security manager, which is used for sandboxing Java applets and enforcing other security restrictions, allows for arbitrary code execution (CVE-2012-4681). This updates IcedTea to version 2.3.2 which fixes this issue, an XMLDecoder security issue via ClassFinder (CVE-2012-1682) and an issue with AWT internals references (CVE-2012-0547), as well as several other bugs. Updated Packages: java-1.7.0-openjdk-1.7.0.6-2.3.2.1.1.mga2 java-1.7.0-openjdk-devel-1.7.0.6-2.3.2.1.1.mga2 java-1.7.0-openjdk-demo-1.7.0.6-2.3.2.1.1.mga2 java-1.7.0-openjdk-src-1.7.0.6-2.3.2.1.1.mga2 java-1.7.0-openjdk-javadoc-1.7.0.6-2.3.2.1.1.mga2 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-0547 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1682 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4681 http://blog.fuseyism.com/index.php/2012/08/30/security-ic... http://blog.fuseyism.com/index.php/2012/08/31/security-ic... https://bugs.mageia.org/show_bug.cgi?id=7278 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||