Skip to navigation

Security Advisory Critical: java-1.7.0-openjdk security update

Advisory: RHSA-2013:0602-1
Type: Security Advisory
Severity: Critical
Issued on: 2013-03-06
Last updated on: 2013-03-06
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.4)
Red Hat Enterprise Linux Server EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-0809
CVE-2013-1493

Details

Updated java-1.7.0-openjdk packages that fix two security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.

An integer overflow flaw was found in the way the 2D component handled
certain sample model instances. A specially-crafted sample model instance
could cause Java Virtual Machine memory corruption and, possibly, lead to
arbitrary code execution with virtual machine privileges. (CVE-2013-0809)

It was discovered that the 2D component did not properly reject certain
malformed images. Specially-crafted raster parameters could cause Java
Virtual Machine memory corruption and, possibly, lead to arbitrary code
execution with virtual machine privileges. (CVE-2013-1493)

Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.

This erratum also upgrades the OpenJDK package to IcedTea7 2.3.8. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0994714bbacf92b9a4e3b2fe5fc28263
SHA-256: 47cd30823775473fcbbda95b444977808699d78472aca7286b4d9c8ed8308086
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: debe0409ed43c4d231e2e57d9c13aea8
SHA-256: f95d297ee63627bb0ba5fad800dbef03f68fdbb696acdf37fa1249e1e944d382
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8a61db89bd2b83463520e56f77ebc779
SHA-256: 552f106697db263372a1dfffcdf29bc137079bc940149279cf393b4ee995f061
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 93f10c31eacf429393aa7b52dbb7d3d3
SHA-256: 36345b6bcb7abba01cb02cf4f7e6285fe44f0509001fc08e05d8df1f23d28f8a
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: bdf948ee6ed14cf7570f7e240cc3e5cb
SHA-256: 76e16caa9bf7d1fcef7b28711c7547cce9eaa8dcaaa440fc669b8fba3f323c05
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: e7c9eeba1f830e5eb72fb7b13e450ec8
SHA-256: 0484cbc498899f43887cddaa536a6a03612ef9e957ab5e9bd398fc43f09d4914
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: ba6b46fe1f3960e252c676f6c2c3a9a7
SHA-256: 34b3b35a77e52bd2e72f19fd2d6eed5ea54e027e9efa801842c1a3d6ed786bfe
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 671675d1bc5fb2f7c025f926bf98cb5a
SHA-256: 2727a68a6683df2634cfb2318e69c7dcbfb93659ecfb4b04645e459bd630587a
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: c6640c5c001ae312c630c49fcaba3358
SHA-256: ce2683ab291513c47d7914510be7acc3fb23ffe217cc9f6380c8010ca43e21b2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: f1bba90605720b9bd2175f4739e85e8f
SHA-256: a8e0013ab26219c2e13f00601f9c20e0b3b2835b35b23f53f0a854e6b1283152
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 544e07b6d6341a4a7172927e19ae7372
SHA-256: 1da48818debcb5abd0e3b7ea7f2475ea544c48d4f3775df565b9cac99bb889bf
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0994714bbacf92b9a4e3b2fe5fc28263
SHA-256: 47cd30823775473fcbbda95b444977808699d78472aca7286b4d9c8ed8308086
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: ba6b46fe1f3960e252c676f6c2c3a9a7
SHA-256: 34b3b35a77e52bd2e72f19fd2d6eed5ea54e027e9efa801842c1a3d6ed786bfe
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 671675d1bc5fb2f7c025f926bf98cb5a
SHA-256: 2727a68a6683df2634cfb2318e69c7dcbfb93659ecfb4b04645e459bd630587a
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: c6640c5c001ae312c630c49fcaba3358
SHA-256: ce2683ab291513c47d7914510be7acc3fb23ffe217cc9f6380c8010ca43e21b2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: f1bba90605720b9bd2175f4739e85e8f
SHA-256: a8e0013ab26219c2e13f00601f9c20e0b3b2835b35b23f53f0a854e6b1283152
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 544e07b6d6341a4a7172927e19ae7372
SHA-256: 1da48818debcb5abd0e3b7ea7f2475ea544c48d4f3775df565b9cac99bb889bf
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0994714bbacf92b9a4e3b2fe5fc28263
SHA-256: 47cd30823775473fcbbda95b444977808699d78472aca7286b4d9c8ed8308086
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: debe0409ed43c4d231e2e57d9c13aea8
SHA-256: f95d297ee63627bb0ba5fad800dbef03f68fdbb696acdf37fa1249e1e944d382
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8a61db89bd2b83463520e56f77ebc779
SHA-256: 552f106697db263372a1dfffcdf29bc137079bc940149279cf393b4ee995f061
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 93f10c31eacf429393aa7b52dbb7d3d3
SHA-256: 36345b6bcb7abba01cb02cf4f7e6285fe44f0509001fc08e05d8df1f23d28f8a
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: bdf948ee6ed14cf7570f7e240cc3e5cb
SHA-256: 76e16caa9bf7d1fcef7b28711c7547cce9eaa8dcaaa440fc669b8fba3f323c05
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: e7c9eeba1f830e5eb72fb7b13e450ec8
SHA-256: 0484cbc498899f43887cddaa536a6a03612ef9e957ab5e9bd398fc43f09d4914
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: ba6b46fe1f3960e252c676f6c2c3a9a7
SHA-256: 34b3b35a77e52bd2e72f19fd2d6eed5ea54e027e9efa801842c1a3d6ed786bfe
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 671675d1bc5fb2f7c025f926bf98cb5a
SHA-256: 2727a68a6683df2634cfb2318e69c7dcbfb93659ecfb4b04645e459bd630587a
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: c6640c5c001ae312c630c49fcaba3358
SHA-256: ce2683ab291513c47d7914510be7acc3fb23ffe217cc9f6380c8010ca43e21b2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: f1bba90605720b9bd2175f4739e85e8f
SHA-256: a8e0013ab26219c2e13f00601f9c20e0b3b2835b35b23f53f0a854e6b1283152
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 544e07b6d6341a4a7172927e19ae7372
SHA-256: 1da48818debcb5abd0e3b7ea7f2475ea544c48d4f3775df565b9cac99bb889bf
 
Red Hat Enterprise Linux Server AUS (v. 6.4)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0994714bbacf92b9a4e3b2fe5fc28263
SHA-256: 47cd30823775473fcbbda95b444977808699d78472aca7286b4d9c8ed8308086
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: ba6b46fe1f3960e252c676f6c2c3a9a7
SHA-256: 34b3b35a77e52bd2e72f19fd2d6eed5ea54e027e9efa801842c1a3d6ed786bfe
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: 671675d1bc5fb2f7c025f926bf98cb5a
SHA-256: 2727a68a6683df2634cfb2318e69c7dcbfb93659ecfb4b04645e459bd630587a
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: c6640c5c001ae312c630c49fcaba3358
SHA-256: ce2683ab291513c47d7914510be7acc3fb23ffe217cc9f6380c8010ca43e21b2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: f1bba90605720b9bd2175f4739e85e8f
SHA-256: a8e0013ab26219c2e13f00601f9c20e0b3b2835b35b23f53f0a854e6b1283152
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: 544e07b6d6341a4a7172927e19ae7372
SHA-256: 1da48818debcb5abd0e3b7ea7f2475ea544c48d4f3775df565b9cac99bb889bf
 
Red Hat Enterprise Linux Server EUS (v. 6.4.z)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0994714bbacf92b9a4e3b2fe5fc28263
SHA-256: 47cd30823775473fcbbda95b444977808699d78472aca7286b4d9c8ed8308086
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2013:1451
    MD5: debe0409ed43c4d231e2e57d9c13aea8
SHA-256: f95d297ee63627bb0ba5fad800dbef03f68fdbb696acdf37fa1249e1e944d382
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2013:1451
    MD5: 8a61db89bd2b83463520e56f77ebc779
SHA-256: 552f106697db263372a1dfffcdf29bc137079bc940149279cf393b4ee995f061
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2013:1451
    MD5: 93f10c31eacf429393aa7b52dbb7d3d3
SHA-256: 36345b6bcb7abba01cb02cf4f7e6285fe44f0509001fc08e05d8df1f23d28f8a
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2013:1451
    MD5: bdf948ee6ed14cf7570f7e240cc3e5cb
SHA-256: 76e16caa9bf7d1fcef7b28711c7547cce9eaa8dcaaa440fc669b8fba3f323c05
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2013:1451
    MD5: e7c9eeba1f830e5eb72fb7b13e450ec8
SHA-256: 0484cbc498899f43887cddaa536a6a03612ef9e957ab5e9bd398fc43f09d4914
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: ba6b46fe1f3960e252c676f6c2c3a9a7
SHA-256: 34b3b35a77e52bd2e72f19fd2d6eed5ea54e027e9efa801842c1a3d6ed786bfe
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: 671675d1bc5fb2f7c025f926bf98cb5a
SHA-256: 2727a68a6683df2634cfb2318e69c7dcbfb93659ecfb4b04645e459bd630587a
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: c6640c5c001ae312c630c49fcaba3358
SHA-256: ce2683ab291513c47d7914510be7acc3fb23ffe217cc9f6380c8010ca43e21b2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: f1bba90605720b9bd2175f4739e85e8f
SHA-256: a8e0013ab26219c2e13f00601f9c20e0b3b2835b35b23f53f0a854e6b1283152
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1451
    MD5: 544e07b6d6341a4a7172927e19ae7372
SHA-256: 1da48818debcb5abd0e3b7ea7f2475ea544c48d4f3775df565b9cac99bb889bf
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0994714bbacf92b9a4e3b2fe5fc28263
SHA-256: 47cd30823775473fcbbda95b444977808699d78472aca7286b4d9c8ed8308086
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: debe0409ed43c4d231e2e57d9c13aea8
SHA-256: f95d297ee63627bb0ba5fad800dbef03f68fdbb696acdf37fa1249e1e944d382
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8a61db89bd2b83463520e56f77ebc779
SHA-256: 552f106697db263372a1dfffcdf29bc137079bc940149279cf393b4ee995f061
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 93f10c31eacf429393aa7b52dbb7d3d3
SHA-256: 36345b6bcb7abba01cb02cf4f7e6285fe44f0509001fc08e05d8df1f23d28f8a
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: bdf948ee6ed14cf7570f7e240cc3e5cb
SHA-256: 76e16caa9bf7d1fcef7b28711c7547cce9eaa8dcaaa440fc669b8fba3f323c05
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: e7c9eeba1f830e5eb72fb7b13e450ec8
SHA-256: 0484cbc498899f43887cddaa536a6a03612ef9e957ab5e9bd398fc43f09d4914
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: ba6b46fe1f3960e252c676f6c2c3a9a7
SHA-256: 34b3b35a77e52bd2e72f19fd2d6eed5ea54e027e9efa801842c1a3d6ed786bfe
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 671675d1bc5fb2f7c025f926bf98cb5a
SHA-256: 2727a68a6683df2634cfb2318e69c7dcbfb93659ecfb4b04645e459bd630587a
java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: c6640c5c001ae312c630c49fcaba3358
SHA-256: ce2683ab291513c47d7914510be7acc3fb23ffe217cc9f6380c8010ca43e21b2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: f1bba90605720b9bd2175f4739e85e8f
SHA-256: a8e0013ab26219c2e13f00601f9c20e0b3b2835b35b23f53f0a854e6b1283152
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: da00573a88ce07d3662dab44eaff8cea
SHA-256: fa4fa2768993dfb386b269a950d3997e9f7b840d2d37381981088594cc8e64ac
java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 544e07b6d6341a4a7172927e19ae7372
SHA-256: 1da48818debcb5abd0e3b7ea7f2475ea544c48d4f3775df565b9cac99bb889bf
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

917550 - CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)
917553 - CVE-2013-1493 OpenJDK: CMM malformed raster memory corruption (2D, 8007675)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/