Skip to navigation

Security Advisory Critical: java-1.6.0-openjdk security update

Advisory: RHSA-2011:1380-1
Type: Security Advisory
Severity: Critical
Issued on: 2011-10-18
Last updated on: 2011-10-18
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.1.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3547
CVE-2011-3548
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560

Details

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

A flaw was found in the Java RMI (Remote Method Invocation) registry
implementation. A remote RMI client could use this flaw to execute
arbitrary code on the RMI server running the registry. (CVE-2011-3556)

A flaw was found in the Java RMI registry implementation. A remote RMI
client could use this flaw to execute code on the RMI server with
unrestricted privileges. (CVE-2011-3557)

A flaw was found in the IIOP (Internet Inter-Orb Protocol) deserialization
code. An untrusted Java application or applet running in a sandbox could
use this flaw to bypass sandbox restrictions by deserializing
specially-crafted input. (CVE-2011-3521)

It was found that the Java ScriptingEngine did not properly restrict the
privileges of sandboxed applications. An untrusted Java application or
applet running in a sandbox could use this flaw to bypass sandbox
restrictions. (CVE-2011-3544)

A flaw was found in the AWTKeyStroke implementation. An untrusted Java
application or applet running in a sandbox could use this flaw to bypass
sandbox restrictions. (CVE-2011-3548)

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the Java2D code used to perform transformations of graphic shapes
and images. An untrusted Java application or applet running in a sandbox
could use this flaw to bypass sandbox restrictions. (CVE-2011-3551)

An insufficient error checking flaw was found in the unpacker for JAR files
in pack200 format. A specially-crafted JAR file could use this flaw to
crash the Java Virtual Machine (JVM) or, possibly, execute arbitrary code
with JVM privileges. (CVE-2011-3554)

It was found that HttpsURLConnection did not perform SecurityManager checks
in the setSSLSocketFactory method. An untrusted Java application or applet
running in a sandbox could use this flaw to bypass connection restrictions
defined in the policy. (CVE-2011-3560)

A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block
ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a
chosen plain text attack against a connection mixing trusted and untrusted
data could use this flaw to recover portions of the trusted data sent over
the connection. (CVE-2011-3389)

Note: This update mitigates the CVE-2011-3389 issue by splitting the first
application data record byte to a separate SSL/TLS protocol record. This
mitigation may cause compatibility issues with some SSL/TLS implementations
and can be disabled using the jsse.enableCBCProtection boolean property.
This can be done on the command line by appending the flag
"-Djsse.enableCBCProtection=false" to the java command.

An information leak flaw was found in the InputStream.skip implementation.
An untrusted Java application or applet could possibly use this flaw to
obtain bytes skipped by other threads. (CVE-2011-3547)

A flaw was found in the Java HotSpot virtual machine. An untrusted Java
application or applet could use this flaw to disclose portions of the VM
memory, or cause it to crash. (CVE-2011-3558)

The Java API for XML Web Services (JAX-WS) implementation in OpenJDK was
configured to include the stack trace in error messages sent to clients. A
remote client could possibly use this flaw to obtain sensitive information.
(CVE-2011-3553)

It was found that Java applications running with SecurityManager
restrictions were allowed to use too many UDP sockets by default. If
multiple instances of a malicious application were started at the same
time, they could exhaust all available UDP sockets on the system.
(CVE-2011-3552)

This erratum also upgrades the OpenJDK package to IcedTea6 1.9.10. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: 625307c851e45b10ae9ff1c3dcf23769
SHA-256: 619f2b422cc99a5550d9769b3fb238ce29fd67123e276c8fa2e01eedd3c20ff1
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: 6f9ae3309e3648d1afaceb456501c0eb
SHA-256: 07b5157bae9d7e6a78ccf51e3e6ca069e60f75ef963e59bf80b496154e76ef29
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: 84a4538d02401a14017cd08dc7f8a184
SHA-256: e011a1db7500e2b6c2fc5ad7d0cc6ffd6e5a491bbdbb255658de431d92979505
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: fe96fd771164b465fc54a63b516d7616
SHA-256: 2b87a33769c7878c3da0ccdd9f390a099f5c981e2be2679739fe632c78afa9a7
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: 016500e21f34cc21a72dc5c3cef7de66
SHA-256: bd027aed4382af5650656afb1b7879ed48b4a9cb535445b3f10251bf3743ca5d
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: ad04c9116ce8c460fb8f7c3041001454
SHA-256: e3880167e05259256a912c300101047c75c5776079d26d4937efd1f7e6c5f29b
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 94967909ea38ce31db0d4c907c314f7a
SHA-256: 364762deb121ebd8bfdfaf68155a547a5d380f23a88e41a79d0d3a68d3136006
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 3f04aee9742048cc8dec5db07ea1525a
SHA-256: 5606e36ccbfbe507b129cc19e78e82c220a2cc911b015de375f573982a0777d8
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: fd0e8fc3a211d570aa474b9eb07585d0
SHA-256: 6499d09fe984a78027c0d99c5400a2fc60084cf1f627a9d60697bc639f4cf51f
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: db66bf6e2a88d338365b6ea31332cd6e
SHA-256: e953b4b1bb5bb91177a5c649354e9254df3897f91684c9b3ac1fbd666e42fa72
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 148dd415760cd2b3af72806e2171b744
SHA-256: 05535ec8a932289073c1310a267989009226edfd03f998a54e3421e4aa4e5c90
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: 625307c851e45b10ae9ff1c3dcf23769
SHA-256: 619f2b422cc99a5550d9769b3fb238ce29fd67123e276c8fa2e01eedd3c20ff1
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: 6f9ae3309e3648d1afaceb456501c0eb
SHA-256: 07b5157bae9d7e6a78ccf51e3e6ca069e60f75ef963e59bf80b496154e76ef29
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: 84a4538d02401a14017cd08dc7f8a184
SHA-256: e011a1db7500e2b6c2fc5ad7d0cc6ffd6e5a491bbdbb255658de431d92979505
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: fe96fd771164b465fc54a63b516d7616
SHA-256: 2b87a33769c7878c3da0ccdd9f390a099f5c981e2be2679739fe632c78afa9a7
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: 016500e21f34cc21a72dc5c3cef7de66
SHA-256: bd027aed4382af5650656afb1b7879ed48b4a9cb535445b3f10251bf3743ca5d
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm
File outdated by:  RHSA-2013:0770		     MD5: ad04c9116ce8c460fb8f7c3041001454
SHA-256: e3880167e05259256a912c300101047c75c5776079d26d4937efd1f7e6c5f29b
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 94967909ea38ce31db0d4c907c314f7a
SHA-256: 364762deb121ebd8bfdfaf68155a547a5d380f23a88e41a79d0d3a68d3136006
java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 3f04aee9742048cc8dec5db07ea1525a
SHA-256: 5606e36ccbfbe507b129cc19e78e82c220a2cc911b015de375f573982a0777d8
java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: fd0e8fc3a211d570aa474b9eb07585d0
SHA-256: 6499d09fe984a78027c0d99c5400a2fc60084cf1f627a9d60697bc639f4cf51f
java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: db66bf6e2a88d338365b6ea31332cd6e
SHA-256: e953b4b1bb5bb91177a5c649354e9254df3897f91684c9b3ac1fbd666e42fa72
java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 148dd415760cd2b3af72806e2171b744
SHA-256: 05535ec8a932289073c1310a267989009226edfd03f998a54e3421e4aa4e5c90
 
Red Hat Enterprise Linux Desktop (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: a55cd73717773fdd6165ec763ea3e15c
SHA-256: eb9d084b196636ae3ccf7db0a8bd558d4a8c1241e5b27e67679e9c9316ae2645
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: ed47dc9c9c29b1311166cc5393736ba2
SHA-256: 91e3946bf404a4c256bd5cb7fa887e4621a321fbb29ddfb8c4ede1ed95710b72
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 13b47ec0b975564b9f3e254c86e137da
SHA-256: 2b3bffe8661c3be984935ff1757c58e32902540cc16797a621a7ceffbf8a8751
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: dfd4da7f9cdafad7c36e2f31aa3c5083
SHA-256: 03ac6efa95b4a2de1903a365b68e0a1e1080b3c6eaf33b4c057af9d4f98fb846
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: e3971abe37aa453c0d2a42314c631430
SHA-256: 9a52834b410c6e008ab3d23b474b614275b8cc6866b76587bea1624f0bdc7b8a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: a92fb9d3c6198ef310ef31bc4e063f4f
SHA-256: eafbd870fd553ae663209419aec424850dcf28728360201ef7c709f0424dfebc
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9e41ae69750e7b87a4d165ee89d45c3f
SHA-256: 3fdc8934f407205905de5fc5f31f85427871e52ce5b2aa9355a0715cd55ac2e9
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 2686bf2a1df0e321287a0d8dbec3be5b
SHA-256: 9d7b85b9e88557bd39c2208ffe569d7888ee7d08ff12d26f8f487b31a610edff
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 19d7d2a6f9b679ef45b018ea1a886dd8
SHA-256: afc381f847965bb8b98e757f398a020ed707756c4d2b6ac5fa1759134d9f53fe
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: e6ab9b21b18a044827dd73ee2196add9
SHA-256: 3c644c5ddc687728254210d875533cd799233046881485a6f995716579dd2d66
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9611d039a78d43410e98b9fd14e56fd6
SHA-256: 7ee9cd396044713b58a9b1a24fd4caeab86b908a66da4853d9e5c8c20cac270f
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5c5d58dbdd4362cf11e12cd70c4183b4
SHA-256: 18a0d291f0cfaa331120d03e5b87946fb825110444440a86dc1d5b1bf2cbd9df
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: c8dcbd05ab5dcc42cf4b778ab90e93f7
SHA-256: 1ba9dfcbd9bf39e782b369476f1c9f588841caa0e75259969985a86f0268dacc
 
Red Hat Enterprise Linux HPC Node (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: a55cd73717773fdd6165ec763ea3e15c
SHA-256: eb9d084b196636ae3ccf7db0a8bd558d4a8c1241e5b27e67679e9c9316ae2645
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 2686bf2a1df0e321287a0d8dbec3be5b
SHA-256: 9d7b85b9e88557bd39c2208ffe569d7888ee7d08ff12d26f8f487b31a610edff
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 19d7d2a6f9b679ef45b018ea1a886dd8
SHA-256: afc381f847965bb8b98e757f398a020ed707756c4d2b6ac5fa1759134d9f53fe
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: e6ab9b21b18a044827dd73ee2196add9
SHA-256: 3c644c5ddc687728254210d875533cd799233046881485a6f995716579dd2d66
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9611d039a78d43410e98b9fd14e56fd6
SHA-256: 7ee9cd396044713b58a9b1a24fd4caeab86b908a66da4853d9e5c8c20cac270f
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5c5d58dbdd4362cf11e12cd70c4183b4
SHA-256: 18a0d291f0cfaa331120d03e5b87946fb825110444440a86dc1d5b1bf2cbd9df
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: c8dcbd05ab5dcc42cf4b778ab90e93f7
SHA-256: 1ba9dfcbd9bf39e782b369476f1c9f588841caa0e75259969985a86f0268dacc
 
Red Hat Enterprise Linux Server (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: a55cd73717773fdd6165ec763ea3e15c
SHA-256: eb9d084b196636ae3ccf7db0a8bd558d4a8c1241e5b27e67679e9c9316ae2645
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: ed47dc9c9c29b1311166cc5393736ba2
SHA-256: 91e3946bf404a4c256bd5cb7fa887e4621a321fbb29ddfb8c4ede1ed95710b72
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 13b47ec0b975564b9f3e254c86e137da
SHA-256: 2b3bffe8661c3be984935ff1757c58e32902540cc16797a621a7ceffbf8a8751
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: dfd4da7f9cdafad7c36e2f31aa3c5083
SHA-256: 03ac6efa95b4a2de1903a365b68e0a1e1080b3c6eaf33b4c057af9d4f98fb846
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: e3971abe37aa453c0d2a42314c631430
SHA-256: 9a52834b410c6e008ab3d23b474b614275b8cc6866b76587bea1624f0bdc7b8a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: a92fb9d3c6198ef310ef31bc4e063f4f
SHA-256: eafbd870fd553ae663209419aec424850dcf28728360201ef7c709f0424dfebc
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9e41ae69750e7b87a4d165ee89d45c3f
SHA-256: 3fdc8934f407205905de5fc5f31f85427871e52ce5b2aa9355a0715cd55ac2e9
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 2686bf2a1df0e321287a0d8dbec3be5b
SHA-256: 9d7b85b9e88557bd39c2208ffe569d7888ee7d08ff12d26f8f487b31a610edff
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 19d7d2a6f9b679ef45b018ea1a886dd8
SHA-256: afc381f847965bb8b98e757f398a020ed707756c4d2b6ac5fa1759134d9f53fe
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: e6ab9b21b18a044827dd73ee2196add9
SHA-256: 3c644c5ddc687728254210d875533cd799233046881485a6f995716579dd2d66
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9611d039a78d43410e98b9fd14e56fd6
SHA-256: 7ee9cd396044713b58a9b1a24fd4caeab86b908a66da4853d9e5c8c20cac270f
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5c5d58dbdd4362cf11e12cd70c4183b4
SHA-256: 18a0d291f0cfaa331120d03e5b87946fb825110444440a86dc1d5b1bf2cbd9df
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: c8dcbd05ab5dcc42cf4b778ab90e93f7
SHA-256: 1ba9dfcbd9bf39e782b369476f1c9f588841caa0e75259969985a86f0268dacc
 
Red Hat Enterprise Linux Server EUS (v. 6.1.z)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: a55cd73717773fdd6165ec763ea3e15c
SHA-256: eb9d084b196636ae3ccf7db0a8bd558d4a8c1241e5b27e67679e9c9316ae2645
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm     MD5: ed47dc9c9c29b1311166cc5393736ba2
SHA-256: 91e3946bf404a4c256bd5cb7fa887e4621a321fbb29ddfb8c4ede1ed95710b72
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm     MD5: 13b47ec0b975564b9f3e254c86e137da
SHA-256: 2b3bffe8661c3be984935ff1757c58e32902540cc16797a621a7ceffbf8a8751
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm     MD5: dfd4da7f9cdafad7c36e2f31aa3c5083
SHA-256: 03ac6efa95b4a2de1903a365b68e0a1e1080b3c6eaf33b4c057af9d4f98fb846
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm     MD5: e3971abe37aa453c0d2a42314c631430
SHA-256: 9a52834b410c6e008ab3d23b474b614275b8cc6866b76587bea1624f0bdc7b8a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm     MD5: a92fb9d3c6198ef310ef31bc4e063f4f
SHA-256: eafbd870fd553ae663209419aec424850dcf28728360201ef7c709f0424dfebc
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm     MD5: 9e41ae69750e7b87a4d165ee89d45c3f
SHA-256: 3fdc8934f407205905de5fc5f31f85427871e52ce5b2aa9355a0715cd55ac2e9
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm     MD5: 2686bf2a1df0e321287a0d8dbec3be5b
SHA-256: 9d7b85b9e88557bd39c2208ffe569d7888ee7d08ff12d26f8f487b31a610edff
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm     MD5: 19d7d2a6f9b679ef45b018ea1a886dd8
SHA-256: afc381f847965bb8b98e757f398a020ed707756c4d2b6ac5fa1759134d9f53fe
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm     MD5: e6ab9b21b18a044827dd73ee2196add9
SHA-256: 3c644c5ddc687728254210d875533cd799233046881485a6f995716579dd2d66
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm     MD5: 9611d039a78d43410e98b9fd14e56fd6
SHA-256: 7ee9cd396044713b58a9b1a24fd4caeab86b908a66da4853d9e5c8c20cac270f
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm     MD5: 5c5d58dbdd4362cf11e12cd70c4183b4
SHA-256: 18a0d291f0cfaa331120d03e5b87946fb825110444440a86dc1d5b1bf2cbd9df
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm     MD5: c8dcbd05ab5dcc42cf4b778ab90e93f7
SHA-256: 1ba9dfcbd9bf39e782b369476f1c9f588841caa0e75259969985a86f0268dacc
 
Red Hat Enterprise Linux Workstation (v. 6)
SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm
File outdated by:  RHSA-2013:0770		     MD5: a55cd73717773fdd6165ec763ea3e15c
SHA-256: eb9d084b196636ae3ccf7db0a8bd558d4a8c1241e5b27e67679e9c9316ae2645
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: ed47dc9c9c29b1311166cc5393736ba2
SHA-256: 91e3946bf404a4c256bd5cb7fa887e4621a321fbb29ddfb8c4ede1ed95710b72
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 13b47ec0b975564b9f3e254c86e137da
SHA-256: 2b3bffe8661c3be984935ff1757c58e32902540cc16797a621a7ceffbf8a8751
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: dfd4da7f9cdafad7c36e2f31aa3c5083
SHA-256: 03ac6efa95b4a2de1903a365b68e0a1e1080b3c6eaf33b4c057af9d4f98fb846
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: e3971abe37aa453c0d2a42314c631430
SHA-256: 9a52834b410c6e008ab3d23b474b614275b8cc6866b76587bea1624f0bdc7b8a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: a92fb9d3c6198ef310ef31bc4e063f4f
SHA-256: eafbd870fd553ae663209419aec424850dcf28728360201ef7c709f0424dfebc
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9e41ae69750e7b87a4d165ee89d45c3f
SHA-256: 3fdc8934f407205905de5fc5f31f85427871e52ce5b2aa9355a0715cd55ac2e9
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 2686bf2a1df0e321287a0d8dbec3be5b
SHA-256: 9d7b85b9e88557bd39c2208ffe569d7888ee7d08ff12d26f8f487b31a610edff
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 19d7d2a6f9b679ef45b018ea1a886dd8
SHA-256: afc381f847965bb8b98e757f398a020ed707756c4d2b6ac5fa1759134d9f53fe
java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: e6ab9b21b18a044827dd73ee2196add9
SHA-256: 3c644c5ddc687728254210d875533cd799233046881485a6f995716579dd2d66
java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 9611d039a78d43410e98b9fd14e56fd6
SHA-256: 7ee9cd396044713b58a9b1a24fd4caeab86b908a66da4853d9e5c8c20cac270f
java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: 5c5d58dbdd4362cf11e12cd70c4183b4
SHA-256: 18a0d291f0cfaa331120d03e5b87946fb825110444440a86dc1d5b1bf2cbd9df
java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm
File outdated by:  RHSA-2013:0770		     MD5: c8dcbd05ab5dcc42cf4b778ab90e93f7
SHA-256: 1ba9dfcbd9bf39e782b369476f1c9f588841caa0e75259969985a86f0268dacc
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)
745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)
745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)
745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)
745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)
745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)
745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)
745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)
745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)


References

https://www.redhat.com/security/data/cve/CVE-2011-3389.html
https://www.redhat.com/security/data/cve/CVE-2011-3521.html
https://www.redhat.com/security/data/cve/CVE-2011-3544.html
https://www.redhat.com/security/data/cve/CVE-2011-3547.html
https://www.redhat.com/security/data/cve/CVE-2011-3548.html
https://www.redhat.com/security/data/cve/CVE-2011-3551.html
https://www.redhat.com/security/data/cve/CVE-2011-3552.html
https://www.redhat.com/security/data/cve/CVE-2011-3553.html
https://www.redhat.com/security/data/cve/CVE-2011-3554.html
https://www.redhat.com/security/data/cve/CVE-2011-3556.html
https://www.redhat.com/security/data/cve/CVE-2011-3557.html
https://www.redhat.com/security/data/cve/CVE-2011-3558.html
https://www.redhat.com/security/data/cve/CVE-2011-3560.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://icedtea.classpath.org/hg/release/icedtea6-1.9/file/328afd896e3e/NEWS

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/