what you don't know can hurt you

Mandriva Linux Security Advisory 2012-169

Mandriva Linux Security Advisory 2012-169
Posted Nov 2, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-169 - Multiple security issues were identified and fixed in OpenJDK (icedtea6). The fixes include, but are not limited to the TLS implementation changed to better adhere to the RFC, ScriptEngine permissions corrected, a conditional usage check being fixed, and many other fixes. The updated packages provide icedtea6-1.11.5 which is not vulnerable to these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-3216, CVE-2012-5068, CVE-2012-5077, CVE-2012-5073, CVE-2012-5075, CVE-2012-5072, CVE-2012-5081, CVE-2012-5069, CVE-2012-5085, CVE-2012-5071, CVE-2012-5084, CVE-2012-5086, CVE-2012-5979, CVE-2012-5089, CVE-2012-4416
MD5 | 78973eaf0c387b4899b4b0838e319a89

Mandriva Linux Security Advisory 2012-169

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:169
http://www.mandriva.com/security/
_______________________________________________________________________

Package : java-1.6.0-openjdk
Date : November 1, 2012
Affected: 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple security issues were identified and fixed in OpenJDK
(icedtea6):

* S6631398, CVE-2012-3216: FilePermission improved path checking
* S7093490: adjust package access in rmiregistry
* S7143535, CVE-2012-5068: ScriptEngine corrected permissions
* S7167656, CVE-2012-5077: Multiple Seeders are being created
* S7169884, CVE-2012-5073: LogManager checks do not work correctly
for sub-types
* S7169888, CVE-2012-5075: Narrowing resource definitions in JMX
RMI connector
* S7172522, CVE-2012-5072: Improve DomainCombiner checking
* S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC
* S7189103, CVE-2012-5069: Executors needs to maintain state
* S7189490: More improvements to DomainCombiner checking
* S7189567, CVE-2012-5085: java net obselete protocol
* S7192975, CVE-2012-5071: Conditional usage check is wrong
* S7195194, CVE-2012-5084: Better data validation for Swing
* S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should
be improved
* S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without
needing to create instance
* S7198296, CVE-2012-5089: Refactor classloader usage
* S7158800: Improve storage of symbol tables
* S7158801: Improve VM CompileOnly option
* S7158804: Improve config file parsing
* S7176337: Additional changes needed for 7158801 fix
* S7198606, CVE-2012-4416: Improve VM optimization

The updated packages provides icedtea6-1.11.5 which is not vulnerable
to these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4416
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020556.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2011:
b0b8d9c220ca7c5fd6679d6848de69eb 2011/i586/java-1.6.0-openjdk-1.6.0.0-35.b24.1-mdv2011.0.i586.rpm
45ea196c75b18bef9ecb5bc97615c1f3 2011/i586/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.1-mdv2011.0.i586.rpm
f33ac952a55cdb585a59e6021367482f 2011/i586/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.1-mdv2011.0.i586.rpm
6ad5fcabc72830cd332cd9e5243be609 2011/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.1-mdv2011.0.i586.rpm
49008a850c545e90a0ebb002902528eb 2011/i586/java-1.6.0-openjdk-src-1.6.0.0-35.b24.1-mdv2011.0.i586.rpm
06e7da198f48cd281fe905deed67fd5c 2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.1.src.rpm

Mandriva Linux 2011/X86_64:
debfb115214191ac94d4282463962909 2011/x86_64/java-1.6.0-openjdk-1.6.0.0-35.b24.1-mdv2011.0.x86_64.rpm
09e81180ede0595f8068ef9baeb2da22 2011/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.1-mdv2011.0.x86_64.rpm
d93f958ff56643adf973770ace599211 2011/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.1-mdv2011.0.x86_64.rpm
3a65468343ff92731e0a408f85d7e304 2011/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.1-mdv2011.0.x86_64.rpm
ee4cf446eac536bf729eabf15a88867d 2011/x86_64/java-1.6.0-openjdk-src-1.6.0.0-35.b24.1-mdv2011.0.x86_64.rpm
06e7da198f48cd281fe905deed67fd5c 2011/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.1.src.rpm

Mandriva Enterprise Server 5:
bcf38e820f1aa357fa0d64c50d323599 mes5/i586/java-1.6.0-openjdk-1.6.0.0-35.b24.1mdvmes5.2.i586.rpm
7b79269ef163cab203f9b815f5216926 mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.1mdvmes5.2.i586.rpm
24068e420773723a130cff03ae1ef47b mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.1mdvmes5.2.i586.rpm
5e3611c799dcfdf1471a327ec5955ac7 mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.1mdvmes5.2.i586.rpm
d7ecadb7be4bfed8502367a5fc4ace40 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-35.b24.1mdvmes5.2.i586.rpm
62663a8650988b3fdfb56b67c17e0970 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
d4fcb3225426ce983273bf6d6730d5bb mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-35.b24.1mdvmes5.2.x86_64.rpm
237544fc49a02cba3438506d52e0392d mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-35.b24.1mdvmes5.2.x86_64.rpm
32b6e494b5f8f26d0be80ce8114d7738 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-35.b24.1mdvmes5.2.x86_64.rpm
fc520c63a052179c93611e4686fa0127 mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.1mdvmes5.2.x86_64.rpm
abc7f180d25764804f217a7b7ef2f0c4 mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-35.b24.1mdvmes5.2.x86_64.rpm
62663a8650988b3fdfb56b67c17e0970 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-35.b24.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFQklqImqjQ0CJFipgRAiNOAJ4qA9L2NTdql1htD7pQDNJrDlPnUgCguupW
xu3AOptE+B1OsUdPAeTUH5o=
=2CFK
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close