| |||||||||||||||||||
Mageia alert MGASA-2013-0038 (java-1.6.0-openjdk)
MGASA-2013-0038 Date: February 6th, 2013 Affected releases: 2 Media: Core Description: Updated java-1.6.0-openjdk packages fix security vulnerabilities: RMI data sanitization (CVE-2013-0424). Add logging context (CVE-2013-0425). Find log level matching its name or value given at construction time (CVE-2013-0426). Improve thread pool shutdown (CVE-2013-0427). Improving CORBA internals (CVE-2013-0429). Improve clipboard access (CVE-2013-0432). Better validation of client keys (CVE-2013-0443). Better Checking of order of TLS Messages (CVE-2013-0440). Issue in toolkit thread (CVE-2013-0442). (proxy) Reflect about creating reflective proxies (CVE-2013-0428). Change modifiers on unused fields (CVE-2013-0441). Better handling of UI elements (CVE-2013-0435). InetSocketAddress serialization issue (CVE-2013-0433). Contextualize RequiredModelMBean class (CVE-2013-0450). Improve IIOP type reuse management (CVE-2013-1475). Restrict access to class constructor (CVE-2013-1476). Improve JAXP HTTP handling (CVE-2013-0434). Improve image processing (CVE-2013-1478). Improve management of images (CVE-2013-1480). This updates IcedTea6 to version 1.11.6, which fixes these issues, as well as several others. Updated Packages: i586: java-1.6.0-openjdk-1.6.0.0-36.b24.1.mga2.i586.rpm java-1.6.0-openjdk-demo-1.6.0.0-36.b24.1.mga2.i586.rpm java-1.6.0-openjdk-devel-1.6.0.0-36.b24.1.mga2.i586.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-36.b24.1.mga2.noarch.rpm java-1.6.0-openjdk-src-1.6.0.0-36.b24.1.mga2.noarch.rpm java-1.6.0-openjdk-debug-1.6.0.0-36.b24.1.mga2.i586.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-36.b24.1.mga2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-36.b24.1.mga2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-36.b24.1.mga2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-36.b24.1.mga2.noarch.rpm java-1.6.0-openjdk-src-1.6.0.0-36.b24.1.mga2.noarch.rpm java-1.6.0-openjdk-debug-1.6.0.0-36.b24.1.mga2.x86_64.rpm SRPMS: java-1.6.0-openjdk-1.6.0.0-36.b24.1.mga2.src.rpm References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0424 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0425 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0426 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0427 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0428 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0429 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0432 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0433 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0434 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0435 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0440 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0441 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0442 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0450 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1475 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1476 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1478 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1480 http://blog.fuseyism.com/index.php/2013/02/03/security-ic... http://www.oracle.com/technetwork/topics/security/javacpu... https://bugs.mageia.org/show_bug.cgi?id=8976 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||