Skip to navigation

Security Advisory Critical: java-1.6.0-openjdk security update

Advisory: RHSA-2011:0856-1
Type: Security Advisory
Severity: Critical
Issued on: 2011-06-08
Last updated on: 2011-06-08
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.1.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-0862
CVE-2011-0864
CVE-2011-0865
CVE-2011-0867
CVE-2011-0868
CVE-2011-0869
CVE-2011-0871

Details

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

Integer overflow flaws were found in the way Java2D parsed JPEG images and
user-supplied fonts. An attacker could use these flaws to execute arbitrary
code with the privileges of the user running an untrusted applet or
application. (CVE-2011-0862)

It was found that the MediaTracker implementation created Component
instances with unnecessary access privileges. A remote attacker could use
this flaw to elevate their privileges by utilizing an untrusted applet or
application that uses Swing. (CVE-2011-0871)

A flaw was found in the HotSpot component in OpenJDK. Certain bytecode
instructions confused the memory management within the Java Virtual Machine
(JVM), resulting in an applet or application crashing. (CVE-2011-0864)

An information leak flaw was found in the NetworkInterface class. An
untrusted applet or application could use this flaw to access information
about available network interfaces that should only be available to
privileged code. (CVE-2011-0867)

An incorrect float-to-long conversion, leading to an overflow, was found
in the way certain objects (such as images and text) were transformed in
Java2D. A remote attacker could use this flaw to crash an untrusted applet
or application that uses Java2D. (CVE-2011-0868)

It was found that untrusted applets and applications could misuse a SOAP
connection to incorrectly set global HTTP proxy settings instead of
setting them in a local scope. This flaw could be used to intercept HTTP
requests. (CVE-2011-0869)

A flaw was found in the way signed objects were deserialized. If trusted
and untrusted code were running in the same Java Virtual Machine (JVM), and
both were deserializing the same signed object, the untrusted code could
modify said object by using this flaw to bypass the validation checks on
signed objects. (CVE-2011-0865)

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: 6fd34190519f3ddb1f2972f7f3cdb1c0
SHA-256: c179433ff5d47b3009a480cfc2c0b7c3867dc20fe2ce1f60a4073d5576bb319c
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: c0eb7b7388a21a0efbdc44c5e17fb22f
SHA-256: c898442bdacef7e99f68534f2d0aa79bafcc2b9dffacb415a82af27a35daaaf4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 1d8b1b43524086f3999764e37294cc57
SHA-256: 48caf45edd702e39ecb791d60f8cf9688400458a1e5f61355be4a1bb3848f995
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: c4a0218b86a7a8a8b07f19b736f17fa8
SHA-256: 581ffa68904a2b464d78ec0e9832b21089cfe9d0d5cda6c902d9e5effaa76486
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 72248051f2cf6ee70d38325109a2e2df
SHA-256: 7965c6eb7e1a3d510b799ef3855445faf95cce290e853cb92bd3557d60e29b79
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: e48a201b74d19bc58febd13052314872
SHA-256: cf2191c75644ddec816a2e595b3b8863b6e22fdc7e57d47a71fae3b3e1e7a60d
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9d084ab02ffdee8f6dae18cdc19f71d0
SHA-256: 38a55906572dbfd8cf9425b5a3c13e27939530ef41bbe54da8d04f26cafdf0c0
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: ad2fc0d6437ef4e528cff6ee697817b5
SHA-256: b75c29ed0aedaba0224c2283f6d4f94dd62d5dc456e82082108d8e0c756f8da4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5b472c3183ccc383d26feaba374bb13e
SHA-256: 434ba5923b4df5fa9124b1e84c0475da31e311a38427fb826df1ccb39bb2eb43
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 06216ac5e2c961451f5caa6c06493760
SHA-256: e9717a3275ca98f121f8274dce16e3dad955835a97c1e0d6bdfa8a3b17bdd70f
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: b804e2be3a6304d22b3b66e9f10e2db5
SHA-256: 8256f5eeedfabd6467c8169633088845c554cee805f429fd169bf87a3892f92d
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9c3007d1d2ecc9918f8367fbf29a6ffa
SHA-256: 7db9a3736b53951bc03a3fa1b466d3415c68c3be17af33e6753f32ff177830c5
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 8e0d9c697c2de0286db99b6f27e71840
SHA-256: 1deed590c6a2f22d33691fcfe7b1c04bb29d543a46d37a8995c9b5fa6ee5228b
 
Red Hat Enterprise Linux HPC Node (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: 6fd34190519f3ddb1f2972f7f3cdb1c0
SHA-256: c179433ff5d47b3009a480cfc2c0b7c3867dc20fe2ce1f60a4073d5576bb319c
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: ad2fc0d6437ef4e528cff6ee697817b5
SHA-256: b75c29ed0aedaba0224c2283f6d4f94dd62d5dc456e82082108d8e0c756f8da4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5b472c3183ccc383d26feaba374bb13e
SHA-256: 434ba5923b4df5fa9124b1e84c0475da31e311a38427fb826df1ccb39bb2eb43
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 06216ac5e2c961451f5caa6c06493760
SHA-256: e9717a3275ca98f121f8274dce16e3dad955835a97c1e0d6bdfa8a3b17bdd70f
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: b804e2be3a6304d22b3b66e9f10e2db5
SHA-256: 8256f5eeedfabd6467c8169633088845c554cee805f429fd169bf87a3892f92d
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9c3007d1d2ecc9918f8367fbf29a6ffa
SHA-256: 7db9a3736b53951bc03a3fa1b466d3415c68c3be17af33e6753f32ff177830c5
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 8e0d9c697c2de0286db99b6f27e71840
SHA-256: 1deed590c6a2f22d33691fcfe7b1c04bb29d543a46d37a8995c9b5fa6ee5228b
 
Red Hat Enterprise Linux Server (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: 6fd34190519f3ddb1f2972f7f3cdb1c0
SHA-256: c179433ff5d47b3009a480cfc2c0b7c3867dc20fe2ce1f60a4073d5576bb319c
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: c0eb7b7388a21a0efbdc44c5e17fb22f
SHA-256: c898442bdacef7e99f68534f2d0aa79bafcc2b9dffacb415a82af27a35daaaf4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 1d8b1b43524086f3999764e37294cc57
SHA-256: 48caf45edd702e39ecb791d60f8cf9688400458a1e5f61355be4a1bb3848f995
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: c4a0218b86a7a8a8b07f19b736f17fa8
SHA-256: 581ffa68904a2b464d78ec0e9832b21089cfe9d0d5cda6c902d9e5effaa76486
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 72248051f2cf6ee70d38325109a2e2df
SHA-256: 7965c6eb7e1a3d510b799ef3855445faf95cce290e853cb92bd3557d60e29b79
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: e48a201b74d19bc58febd13052314872
SHA-256: cf2191c75644ddec816a2e595b3b8863b6e22fdc7e57d47a71fae3b3e1e7a60d
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9d084ab02ffdee8f6dae18cdc19f71d0
SHA-256: 38a55906572dbfd8cf9425b5a3c13e27939530ef41bbe54da8d04f26cafdf0c0
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: ad2fc0d6437ef4e528cff6ee697817b5
SHA-256: b75c29ed0aedaba0224c2283f6d4f94dd62d5dc456e82082108d8e0c756f8da4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5b472c3183ccc383d26feaba374bb13e
SHA-256: 434ba5923b4df5fa9124b1e84c0475da31e311a38427fb826df1ccb39bb2eb43
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 06216ac5e2c961451f5caa6c06493760
SHA-256: e9717a3275ca98f121f8274dce16e3dad955835a97c1e0d6bdfa8a3b17bdd70f
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: b804e2be3a6304d22b3b66e9f10e2db5
SHA-256: 8256f5eeedfabd6467c8169633088845c554cee805f429fd169bf87a3892f92d
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9c3007d1d2ecc9918f8367fbf29a6ffa
SHA-256: 7db9a3736b53951bc03a3fa1b466d3415c68c3be17af33e6753f32ff177830c5
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 8e0d9c697c2de0286db99b6f27e71840
SHA-256: 1deed590c6a2f22d33691fcfe7b1c04bb29d543a46d37a8995c9b5fa6ee5228b
 
Red Hat Enterprise Linux Server EUS (v. 6.1.z)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: 6fd34190519f3ddb1f2972f7f3cdb1c0
SHA-256: c179433ff5d47b3009a480cfc2c0b7c3867dc20fe2ce1f60a4073d5576bb319c
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2011:1380		     MD5: c0eb7b7388a21a0efbdc44c5e17fb22f
SHA-256: c898442bdacef7e99f68534f2d0aa79bafcc2b9dffacb415a82af27a35daaaf4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2011:1380		     MD5: 1d8b1b43524086f3999764e37294cc57
SHA-256: 48caf45edd702e39ecb791d60f8cf9688400458a1e5f61355be4a1bb3848f995
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2011:1380		     MD5: c4a0218b86a7a8a8b07f19b736f17fa8
SHA-256: 581ffa68904a2b464d78ec0e9832b21089cfe9d0d5cda6c902d9e5effaa76486
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2011:1380		     MD5: 72248051f2cf6ee70d38325109a2e2df
SHA-256: 7965c6eb7e1a3d510b799ef3855445faf95cce290e853cb92bd3557d60e29b79
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2011:1380		     MD5: e48a201b74d19bc58febd13052314872
SHA-256: cf2191c75644ddec816a2e595b3b8863b6e22fdc7e57d47a71fae3b3e1e7a60d
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2011:1380		     MD5: 9d084ab02ffdee8f6dae18cdc19f71d0
SHA-256: 38a55906572dbfd8cf9425b5a3c13e27939530ef41bbe54da8d04f26cafdf0c0
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1380		     MD5: ad2fc0d6437ef4e528cff6ee697817b5
SHA-256: b75c29ed0aedaba0224c2283f6d4f94dd62d5dc456e82082108d8e0c756f8da4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1380		     MD5: 5b472c3183ccc383d26feaba374bb13e
SHA-256: 434ba5923b4df5fa9124b1e84c0475da31e311a38427fb826df1ccb39bb2eb43
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1380		     MD5: 06216ac5e2c961451f5caa6c06493760
SHA-256: e9717a3275ca98f121f8274dce16e3dad955835a97c1e0d6bdfa8a3b17bdd70f
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1380		     MD5: b804e2be3a6304d22b3b66e9f10e2db5
SHA-256: 8256f5eeedfabd6467c8169633088845c554cee805f429fd169bf87a3892f92d
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1380		     MD5: 9c3007d1d2ecc9918f8367fbf29a6ffa
SHA-256: 7db9a3736b53951bc03a3fa1b466d3415c68c3be17af33e6753f32ff177830c5
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1380		     MD5: 8e0d9c697c2de0286db99b6f27e71840
SHA-256: 1deed590c6a2f22d33691fcfe7b1c04bb29d543a46d37a8995c9b5fa6ee5228b
 
Red Hat Enterprise Linux Workstation (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: 6fd34190519f3ddb1f2972f7f3cdb1c0
SHA-256: c179433ff5d47b3009a480cfc2c0b7c3867dc20fe2ce1f60a4073d5576bb319c
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: c0eb7b7388a21a0efbdc44c5e17fb22f
SHA-256: c898442bdacef7e99f68534f2d0aa79bafcc2b9dffacb415a82af27a35daaaf4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 1d8b1b43524086f3999764e37294cc57
SHA-256: 48caf45edd702e39ecb791d60f8cf9688400458a1e5f61355be4a1bb3848f995
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: c4a0218b86a7a8a8b07f19b736f17fa8
SHA-256: 581ffa68904a2b464d78ec0e9832b21089cfe9d0d5cda6c902d9e5effaa76486
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 72248051f2cf6ee70d38325109a2e2df
SHA-256: 7965c6eb7e1a3d510b799ef3855445faf95cce290e853cb92bd3557d60e29b79
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: e48a201b74d19bc58febd13052314872
SHA-256: cf2191c75644ddec816a2e595b3b8863b6e22fdc7e57d47a71fae3b3e1e7a60d
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9d084ab02ffdee8f6dae18cdc19f71d0
SHA-256: 38a55906572dbfd8cf9425b5a3c13e27939530ef41bbe54da8d04f26cafdf0c0
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: ad2fc0d6437ef4e528cff6ee697817b5
SHA-256: b75c29ed0aedaba0224c2283f6d4f94dd62d5dc456e82082108d8e0c756f8da4
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5b472c3183ccc383d26feaba374bb13e
SHA-256: 434ba5923b4df5fa9124b1e84c0475da31e311a38427fb826df1ccb39bb2eb43
java-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 06216ac5e2c961451f5caa6c06493760
SHA-256: e9717a3275ca98f121f8274dce16e3dad955835a97c1e0d6bdfa8a3b17bdd70f
java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: b804e2be3a6304d22b3b66e9f10e2db5
SHA-256: 8256f5eeedfabd6467c8169633088845c554cee805f429fd169bf87a3892f92d
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9c3007d1d2ecc9918f8367fbf29a6ffa
SHA-256: 7db9a3736b53951bc03a3fa1b466d3415c68c3be17af33e6753f32ff177830c5
java-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 8e0d9c697c2de0286db99b6f27e71840
SHA-256: 1deed590c6a2f22d33691fcfe7b1c04bb29d543a46d37a8995c9b5fa6ee5228b
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

706106 - CVE-2011-0865 OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)
706139 - CVE-2011-0862 OpenJDK: integer overflows in JPEGImageReader and font SunLayoutEngine (2D, 7013519)
706153 - CVE-2011-0867 OpenJDK: NetworkInterface information leak (Networking, 7013969)
706234 - CVE-2011-0869 OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)
706241 - CVE-2011-0868 OpenJDK: incorrect numeric type conversion in TransformHelper (2D, 7016495)
706245 - CVE-2011-0864 OpenJDK: JVM memory corruption via certain bytecode (HotSpot, 7020373)
706248 - CVE-2011-0871 OpenJDK: MediaTracker created Component instances with unnecessary privileges (Swing, 7020198)


References

https://www.redhat.com/security/data/cve/CVE-2011-0862.html
https://www.redhat.com/security/data/cve/CVE-2011-0864.html
https://www.redhat.com/security/data/cve/CVE-2011-0865.html
https://www.redhat.com/security/data/cve/CVE-2011-0867.html
https://www.redhat.com/security/data/cve/CVE-2011-0868.html
https://www.redhat.com/security/data/cve/CVE-2011-0869.html
https://www.redhat.com/security/data/cve/CVE-2011-0871.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/