exploit the possibilities

Mandriva Linux Security Advisory 2012-095

Mandriva Linux Security Advisory 2012-095
Posted Jun 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-095 - Multiple security issues were identified and fixed in OpenJDK (icedtea6). The updated packages provides icedtea6-1.11.3 which is not vulnerable to these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725
MD5 | 99322633142888858abe6c9e1da9f506

Mandriva Linux Security Advisory 2012-095

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:095
http://www.mandriva.com/security/
_______________________________________________________________________

Package : java-1.6.0-openjdk
Date : June 18, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple security issues were identified and fixed in OpenJDK
(icedtea6):

* S7079902, CVE-2012-1711: Refine CORBA data models
* S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
* S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
* S7143606, CVE-2012-1717: File.createTempFile should be improved
for temporary files created by the platform.
* S7143872, CVE-2012-1718: Improve certificate extension processing
* S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
* S7152811, CVE-2012-1723: Issues in client compiler
* S7157609, CVE-2012-1724: Issues with loop
* S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile
* S7110720: Issue with vm config file loadingIssue with vm config
file loading
* S7145239: Finetune package definition restriction
* S7160677: missing else in fix for 7152811

The updated packages provides icedtea6-1.11.3 which is not vulnerable
to these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1717
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1725
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
02c1a7a3563478acb220758d7cc4b59a 2010.1/i586/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
d726d77a80cbcbb2950877c5042bda69 2010.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
fe64aa7633dcfa4eb0fe67dfc390c435 2010.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
043ace12873a531986f1ae954cc3d8cd 2010.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
b4d810861dc6a7b909ec48737920f5fc 2010.1/i586/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdv2010.2.i586.rpm
a6a38f5bb7754d779871b2104aec6fc8 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
594bfca5dc2fba096ffaa21698e2c7a3 2010.1/x86_64/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
fb01e3019f1f5e823287a39c68f1170c 2010.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
f6363ce6f9f23a5dbacc33c8c39ebdc9 2010.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
b32e4edd1959e9974ee8c7dcaf4058d3 2010.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
1348417b4ea0072122f6b730d6d6dc63 2010.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdv2010.2.x86_64.rpm
a6a38f5bb7754d779871b2104aec6fc8 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdv2010.2.src.rpm

Mandriva Linux 2011:
674379bdf52c4a41d3305936c7eff1aa 2011/i586/java-1.6.0-openjdk-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
63d8a5d6bf4785a0421385fa98529430 2011/i586/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
13935b834116870ca15a16a49c979a9b 2011/i586/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
43256750b71f5d1fb83a101557d8f4f8 2011/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
bda2c5ac1774f53e1af11b63a7f4e8e1 2011/i586/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1-mdv2011.0.i586.rpm
277b3fbf68229aa5249e0999db11bc3b 2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1.src.rpm

Mandriva Linux 2011/X86_64:
3606504a3516077390012c0e64278bce 2011/x86_64/java-1.6.0-openjdk-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
bd19f0742c1eada1d422d2a8975e0acb 2011/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
2ec9e7b37105839c19ea7b934b22cd41 2011/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
41896f4d4504752dbe13ab2867848170 2011/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
757e1cf60cadbaf7b43ae5fe20528adf 2011/x86_64/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1-mdv2011.0.x86_64.rpm
277b3fbf68229aa5249e0999db11bc3b 2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1.src.rpm

Mandriva Enterprise Server 5:
9c6e06dd8ed1f926081a57ee24b64b5e mes5/i586/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
689ce76c039dfbf9d31748598521b017 mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
a83f0b6fdaa03bcfdd65ea23dffb5cc4 mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
47aee7abb00eb28444dce0e325202334 mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
bd254da4559a4e483d8fdc7e6bbe4c6e mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdvmes5.2.i586.rpm
97288c2f2e19934685153c58d3381cde mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
56fb8ac45e0f0e6dc06abf6171251ba1 mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
15617fcd73aa5b2f704327c3ee0f3db7 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
244d6a8e07afcd5817447694860880c1 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
7da7f73665cc6661a0216bd010e7afe2 mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
4159505d3b9ae04c0a24ed7ff5d0d6ea mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-26.b24.1mdvmes5.2.x86_64.rpm
97288c2f2e19934685153c58d3381cde mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-26.b24.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFP3v0dmqjQ0CJFipgRApUEAKDuHyqURe7mAlzYzLRgK4SCCjmaxACgqxmR
y5zs168WwioVV48Wj1lIeDQ=
=9Eet
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close