Critical: java-1.6.0-openjdk security update
| Advisory: | RHSA-2013:0273-1 |
|---|---|
| Type: | Security Advisory |
| Severity: | Critical |
| Issued on: | 2013-02-20 |
| Last updated on: | 2013-02-20 |
| Affected Products: | Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux HPC Node (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Server EUS (v. 6.3.z), Red Hat Enterprise Linux Workstation (v. 6) |
| CVEs (cve.mitre.org): | CVE-2013-0169 CVE-2013-1486 |
Details
Updated java-1.6.0-openjdk packages that fix two security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

An improper permission check issue was discovered in the JMX component in
OpenJDK. An untrusted Java application or applet could use this flaw to
bypass Java sandbox restrictions. (CVE-2013-1486)

It was discovered that OpenJDK leaked timing information when decrypting
TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.
A remote attacker could possibly use this flaw to retrieve plain text from
the encrypted packets by using a TLS/SSL server as a padding oracle.
(CVE-2013-0169)

Note: If the web browser plug-in provided by the icedtea-web package was
installed, CVE-2013-1486 could have been exploited without user interaction
if a user visited a malicious website.

This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
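
A post-update check for the two actions the advisory asks for (upgrade, then restart every running JVM), as an added example that is not Red Hat tooling. The function names, the sample maps line, and the use of GNU `sort -V` as a stand-in for RPM version comparison are assumptions.

```shell
#!/bin/sh
# Added example, not Red Hat tooling. FIXED_EVR is the version-release from this
# advisory's package list; function names and sample data are constructed here.
FIXED_EVR="1.6.0.0-1.56.1.11.8.el6_3"

# Constructed /proc/<pid>/maps line for a JVM started before the update.
SAMPLE_STALE='7f3c1a000000-7f3c1a9d2000 r-xp 00000000 fd:00 1311735 /usr/lib/jvm/jre/lib/amd64/server/libjvm.so (deleted)'

# evr_at_least INSTALLED FIXED: succeed when INSTALLED sorts at or after FIXED.
# Assumption: GNU `sort -V` approximates RPM ordering for builds of the same
# el6 stream; it is not a full rpmvercmp implementation.
evr_at_least() {
    [ "$1" = "$2" ] && return 0
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# stale_jvm_maps: read maps text on stdin; succeed when libjvm.so is still
# mapped from a file replaced on disk (the kernel marks it "(deleted)").
stale_jvm_maps() {
    grep -q 'libjvm\.so.*(deleted)$'
}

# check_host: report package state and every process still on the old JVM.
check_host() {
    rpm -q java-1.6.0-openjdk >/dev/null 2>&1 || {
        echo "java-1.6.0-openjdk: not installed"; return 0; }
    rc=0
    for evr in $(rpm -q --qf '%{VERSION}-%{RELEASE}\n' java-1.6.0-openjdk); do
        if evr_at_least "$evr" "$FIXED_EVR"; then
            echo "OK       $evr"
        else
            echo "OUTDATED $evr (need >= $FIXED_EVR)"; rc=1
        fi
    done
    for maps in /proc/[0-9]*/maps; do
        if cat "$maps" 2>/dev/null | stale_jvm_maps; then
            pid=${maps#/proc/}; pid=${pid%/maps}
            echo "RESTART  pid $pid still runs the pre-update libjvm.so"; rc=1
        fi
    done
    return $rc
}

# Live checks run only on request, e.g. `sh check.sh --check` as root.
if [ "${1:-}" = "--check" ]; then check_host; fi
```

Run it as root so that `/proc/<pid>/maps` is readable for every process; a non-zero exit means the host still needs the update or a restart.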
Solution
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
Updated packages
| Red Hat Enterprise Linux Desktop (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| Red Hat Enterprise Linux HPC Node (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| Red Hat Enterprise Linux Server (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| Red Hat Enterprise Linux Server EUS (v. 6.3.z) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm |
| Red Hat Enterprise Linux Workstation (v. 6) | |
| SRPMS: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.src.rpm File outdated by: RHSA-2013:0770 |
| IA-32: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm File outdated by: RHSA-2013:0770 |
| x86_64: | |
| java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-debuginfo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.x86_64.rpm File outdated by: RHSA-2013:0770 |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)
913014 - CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446)
References
https://www.redhat.com/security/data/cve/CVE-2013-1486.html
https://access.redhat.com/security/updates/classification/#critical
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.8/NEWS
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/