-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:162 http://www.mandriva.com/security/ _______________________________________________________________________ Package : java-1.6.0-openjdk Date : July 28, 2009 Affected: Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple security vulnerabilities has been identified and fixed in Little cms library embedded in OpenJDK: A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file (CVE-2009-0581). Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow (CVE-2009-0723). Multiple stack-based buffer overflows allow remote attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel (CVE-2009-0733). A flaw in the transformations of monochrome profiles allows remote attackers to cause denial of service triggered by a NULL pointer dereference via a crafted image file (CVE-2009-0793). Further security fixes in the JRE and in the Java API of OpenJDK: A flaw in handling temporary font files by the Java Virtual Machine (JVM) allows remote attackers to cause denial of service (CVE-2006-2426). An integer overflow flaw was found in Pulse-Java when handling Pulse audio source data lines. An attacker could use this flaw to cause an applet to crash, leading to a denial of service (CVE-2009-0794). A flaw in Java Runtime Environment initialized LDAP connections allows authenticated remote users to cause denial of service on the LDAP service (CVE-2009-1093). A flaw in the Java Runtime Environment LDAP client in handling server LDAP responses allows remote attackers to execute arbitrary code on the client side via malicious server response (CVE-2009-1094). Buffer overflows in the the Java Runtime Environment unpack200 utility allow remote attackers to execute arbitrary code via an crafted applet (CVE-2009-1095, CVE-2009-1096). A buffer overflow in the splash screen processing allows a attackers to execute arbitrary code (CVE-2009-1097). A buffer overflow in GIF images handling allows remote attackers to execute arbitrary code via an crafted GIF image (CVE-2009-1098). A flaw in the Java API for XML Web Services (JAX-WS) service endpoint handling allows remote attackers to cause a denial of service on the service endpoint's server side (CVE-2009-1101). A flaw in the Java Runtime Environment Virtual Machine code generation allows remote attackers to execute arbitrary code via a crafted applet (CVE-2009-1102). This update provides fixes for these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0794 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: f6368a18b2b8db81a7469b5135b7ee06 mes5/i586/java-1.6.0-openjdk-1.6.0.0-0.20.b16.0.3mdvmes5.i586.rpm f2be106ac66e9a50f4ba74cbefda770c mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-0.20.b16.0.3mdvmes5.i586.rpm 31a5ec29a095406a456704102f0fcfed mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-0.20.b16.0.3mdvmes5.i586.rpm 1f1344246611ade062f5cff22248a85c mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-0.20.b16.0.3mdvmes5.i586.rpm df7a7fe90e1574841ef4e9c54dbc1b03 mes5/i586/java-1.6.0-openjdk-plugin-1.6.0.0-0.20.b16.0.3mdvmes5.i586.rpm 4f58dd3aede5767fe67b3615b005dae4 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-0.20.b16.0.3mdvmes5.i586.rpm 238d40b950f5c91ece2011cd11493d7b mes5/i586/rhino-1.7-0.0.2.2mdvmes5.noarch.rpm 2628511efa4e84a9990d251b640d26fd mes5/i586/rhino-demo-1.7-0.0.2.2mdvmes5.noarch.rpm 223618bbd67a5b5ce0cbba2ee4d1fb35 mes5/i586/rhino-javadoc-1.7-0.0.2.2mdvmes5.noarch.rpm 938b06b42a87c8c4b7db51f8af099c28 mes5/i586/rhino-manual-1.7-0.0.2.2mdvmes5.noarch.rpm 4011be2c0535783dfea04a5adfce1793 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-0.20.b16.0.3mdvmes5.src.rpm 0445ae120c5dbe9957abe9fdffc1d1dd mes5/SRPMS/rhino-1.7-0.0.2.2mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 554fa4e2c062e43110dd91613f08469a mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-0.20.b16.0.3mdvmes5.x86_64.rpm 731b4477a5869c4f2bdf3f420c3fd20b mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-0.20.b16.0.3mdvmes5.x86_64.rpm 822b29df6b3a147eadc76d2bb3f40048 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-0.20.b16.0.3mdvmes5.x86_64.rpm dac9bcbc35102d93478a161b29c37ecd mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-0.20.b16.0.3mdvmes5.x86_64.rpm 39f26bcda91670cbf8acd7594cb0f805 mes5/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-0.20.b16.0.3mdvmes5.x86_64.rpm c075fd8bb1e7dcb55aacaa1a2ba509f2 mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-0.20.b16.0.3mdvmes5.x86_64.rpm 7ca12525266382ff80ff8779214d91bd mes5/x86_64/rhino-1.7-0.0.2.2mdvmes5.noarch.rpm 2f96a78708288e93baa3c117e74a5b20 mes5/x86_64/rhino-demo-1.7-0.0.2.2mdvmes5.noarch.rpm 7d149643cd8be8af15bbfc538c7a2c42 mes5/x86_64/rhino-javadoc-1.7-0.0.2.2mdvmes5.noarch.rpm 66102c3e6e500fad7e4180b429245428 mes5/x86_64/rhino-manual-1.7-0.0.2.2mdvmes5.noarch.rpm 4011be2c0535783dfea04a5adfce1793 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-0.20.b16.0.3mdvmes5.src.rpm 0445ae120c5dbe9957abe9fdffc1d1dd mes5/SRPMS/rhino-1.7-0.0.2.2mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKbxzBmqjQ0CJFipgRAuJGAJoDwP0fk1wKDTkiNEBb0s6Hp7QnewCeJvVG dy2Zp6FCw6+KkkiKfoJnkm4= =TYCT -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/