Skip to navigation

Security Advisory Critical: java-1.7.0-oracle security update

Advisory: RHSA-2013:0757-3
Type: Security Advisory
Severity: Critical
Issued on: 2013-04-18
Last updated on: 2013-04-18
Affected Products: RHEL Supplementary EUS (v. 5.9.z server)
RHEL Supplementary Long Life (v. 5.9 server)
Red Hat Enterprise Linux Desktop Supplementary (v. 6)
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary AUS (v. 6.4)
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation Supplementary (v. 6)
CVEs (cve.mitre.org): CVE-2013-0401
CVE-2013-0402
CVE-2013-1488
CVE-2013-1491
CVE-2013-1518
CVE-2013-1537
CVE-2013-1540
CVE-2013-1557
CVE-2013-1558
CVE-2013-1561
CVE-2013-1563
CVE-2013-1564
CVE-2013-1569
CVE-2013-2383
CVE-2013-2384
CVE-2013-2394
CVE-2013-2414
CVE-2013-2415
CVE-2013-2416
CVE-2013-2417
CVE-2013-2418
CVE-2013-2419
CVE-2013-2420
CVE-2013-2421
CVE-2013-2422
CVE-2013-2423
CVE-2013-2424
CVE-2013-2425
CVE-2013-2426
CVE-2013-2427
CVE-2013-2428
CVE-2013-2429
CVE-2013-2430
CVE-2013-2431
CVE-2013-2432
CVE-2013-2433
CVE-2013-2434
CVE-2013-2435
CVE-2013-2436
CVE-2013-2438
CVE-2013-2439
CVE-2013-2440

Details

Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-0401, CVE-2013-0402, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518,
CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561,
CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2394, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417,
CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,
CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427,
CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432,
CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438,
CVE-2013-2439, CVE-2013-2440)

All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 21 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

RHEL Supplementary EUS (v. 5.9.z server)

IA-32:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: 3f337a13118acaf0abf3e59799250d25
SHA-256: 997225220a1f0bd49c496f27a212322d0d80a6ee94f3b377493a54887ce82e49
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: 83acac3b1f3a44dc5d0ead40a1873777
SHA-256: 3336c02476c092de606f4ccf8d6e4e8cdc5a863c489526e2a602cdc5df5141c4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: 36f161e86f65ee406eec0dacd2519cd9
SHA-256: a9675fdc504c5d1f5cd28f3602c376638a7585a2770d91828b6f052411332c09
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: c38b101d1eccdc82c0911070fc8fe913
SHA-256: de8347a32cebe572ffa7cb5da2786fe1959f61ae42face59a5ca0ce9a7e08fb2
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: cd6b1aed2390a7926a6b8d0643a0bad2
SHA-256: 755a70ac2ec79cd37413b4e136a8270c385d2fc54eea245b685ce703fa4a69fd
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: a5438e497fb032f1d6a88164d2492d3a
SHA-256: bca1136df7a159f65ae28b9cb72a185aedb4be52d420133944f3cab90df368f7
 
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 86ae290352af56cd4937709c839ce036
SHA-256: 65b125686d5d4e522d16c47e3a27d8e37bbe86eb7d4b60ef76e19b4e5d01efba
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 4ce3d25c67a54fe45f20e25d7fbcc25e
SHA-256: 472b39e3ca6d4ec8b12c037e9a04fea10949fb104f663ef76559dc0f86a61a6d
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 5155d0f11a57cb7113473ec5bec7024b
SHA-256: 93de206f69aaaf63e26128a45581dda85d5f62022fd0f6e726781bf9b12c4c2a
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 9d7f052d1731a235bcc3e8aa4d384f0e
SHA-256: d6e4789572507f7db531e5d56c1161ceb0487595673f0ee77dfb3893764823f4
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: acd46b762389de61497a4cac8f5b9969
SHA-256: 2917d6786f9e431c0d8078b81fb48781ed9fefb9f07a31708ecc214a95f248cb
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 253e90f52c677108e7dbe8b18c1fa0eb
SHA-256: a24d5bff545e168f5e154e40a29a7f0b1c8e6f053c17f60dfed27a30dad5ca8d
 
RHEL Supplementary Long Life (v. 5.9 server)

IA-32:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: 3f337a13118acaf0abf3e59799250d25
SHA-256: 997225220a1f0bd49c496f27a212322d0d80a6ee94f3b377493a54887ce82e49
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: 83acac3b1f3a44dc5d0ead40a1873777
SHA-256: 3336c02476c092de606f4ccf8d6e4e8cdc5a863c489526e2a602cdc5df5141c4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: 36f161e86f65ee406eec0dacd2519cd9
SHA-256: a9675fdc504c5d1f5cd28f3602c376638a7585a2770d91828b6f052411332c09
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: c38b101d1eccdc82c0911070fc8fe913
SHA-256: de8347a32cebe572ffa7cb5da2786fe1959f61ae42face59a5ca0ce9a7e08fb2
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: cd6b1aed2390a7926a6b8d0643a0bad2
SHA-256: 755a70ac2ec79cd37413b4e136a8270c385d2fc54eea245b685ce703fa4a69fd
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.i386.rpm
File outdated by:  RHSA-2013:0963
    MD5: a5438e497fb032f1d6a88164d2492d3a
SHA-256: bca1136df7a159f65ae28b9cb72a185aedb4be52d420133944f3cab90df368f7
 
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 86ae290352af56cd4937709c839ce036
SHA-256: 65b125686d5d4e522d16c47e3a27d8e37bbe86eb7d4b60ef76e19b4e5d01efba
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 4ce3d25c67a54fe45f20e25d7fbcc25e
SHA-256: 472b39e3ca6d4ec8b12c037e9a04fea10949fb104f663ef76559dc0f86a61a6d
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 5155d0f11a57cb7113473ec5bec7024b
SHA-256: 93de206f69aaaf63e26128a45581dda85d5f62022fd0f6e726781bf9b12c4c2a
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 9d7f052d1731a235bcc3e8aa4d384f0e
SHA-256: d6e4789572507f7db531e5d56c1161ceb0487595673f0ee77dfb3893764823f4
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: acd46b762389de61497a4cac8f5b9969
SHA-256: 2917d6786f9e431c0d8078b81fb48781ed9fefb9f07a31708ecc214a95f248cb
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0963
    MD5: 253e90f52c677108e7dbe8b18c1fa0eb
SHA-256: a24d5bff545e168f5e154e40a29a7f0b1c8e6f053c17f60dfed27a30dad5ca8d
 
Red Hat Enterprise Linux Desktop Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: d6145bcdc41d18666ea6d622be9953d4
SHA-256: 65b6b9a610021aece2aadb9e36f034ba3cbef0db2aa60305a279b9b1f7668cf3
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: e0ec774dea2cf2f6d28dd4ed0e4fcd4f
SHA-256: 312d2e074d3c7c395030ebda361b937417d54b889ffea69eda39a1608ab41f6f
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6ffb41e910e3edef14515e574e0897a2
SHA-256: 847f29a810caaa8b964da22bd50dd172529b23b5af4bb91b9aa1ca693ad05160
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: de68b7eb2da627f1c4237b6d10099d50
SHA-256: f7a8586515412e91cbffe0d983a98ccbe80e16075aa82716728513e015f88d4e
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6c48cc0ee4629abc035496bbf774698c
SHA-256: 201159f13f9b3d3271003cf313c98e9834702a82c2cc90bae57aed3a3aaacdc0
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 91e7368fafbf437ec991369c8dc2c889
SHA-256: a998048c33cdfbd69f55862bc562e71904dc6ad501dca312a4752f9c00dd5748
 
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: bc5d2c4d85c9602ecdae0a97d67c05e9
SHA-256: fd5eed507739edc1463510ffd169a1ce57fbf911a4b59c872418f0c2909dd054
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e2171830051c299f00a982518ea5a3f2
SHA-256: 59c35d4003ec562d63de0bef2be6a89a82f67aa1aad3c76417922ed1606ef4b4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: ada2b33d75320b813e6a66a2af6c103d
SHA-256: ac231c8a666f74eafdd933d0b5958481317c5f20832f15e1b9ffc33e41461704
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 85c5eb096fd6df1812c44af8c47c5d17
SHA-256: 87f3f5b59f40e0fcb15e045cc5fe2ee9b4b6f77a29712ae26d2c454a8d8c8699
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 645f1213fc9cfe366382d9164c74cc93
SHA-256: 5de1e13677486e2c432d79cc0aa0e6297788996c9304f5797743b93f3363d56c
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 07ad71d3bcbcd8a0a2bb33d5a3fa29cf
SHA-256: 2d389ad1656aac771a70d794f5affadf271d904c22f245782a53d62e1daa490c
 
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)

x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: bc5d2c4d85c9602ecdae0a97d67c05e9
SHA-256: fd5eed507739edc1463510ffd169a1ce57fbf911a4b59c872418f0c2909dd054
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e2171830051c299f00a982518ea5a3f2
SHA-256: 59c35d4003ec562d63de0bef2be6a89a82f67aa1aad3c76417922ed1606ef4b4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: ada2b33d75320b813e6a66a2af6c103d
SHA-256: ac231c8a666f74eafdd933d0b5958481317c5f20832f15e1b9ffc33e41461704
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 07ad71d3bcbcd8a0a2bb33d5a3fa29cf
SHA-256: 2d389ad1656aac771a70d794f5affadf271d904c22f245782a53d62e1daa490c
 
Red Hat Enterprise Linux Server Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: d6145bcdc41d18666ea6d622be9953d4
SHA-256: 65b6b9a610021aece2aadb9e36f034ba3cbef0db2aa60305a279b9b1f7668cf3
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: e0ec774dea2cf2f6d28dd4ed0e4fcd4f
SHA-256: 312d2e074d3c7c395030ebda361b937417d54b889ffea69eda39a1608ab41f6f
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6ffb41e910e3edef14515e574e0897a2
SHA-256: 847f29a810caaa8b964da22bd50dd172529b23b5af4bb91b9aa1ca693ad05160
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: de68b7eb2da627f1c4237b6d10099d50
SHA-256: f7a8586515412e91cbffe0d983a98ccbe80e16075aa82716728513e015f88d4e
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6c48cc0ee4629abc035496bbf774698c
SHA-256: 201159f13f9b3d3271003cf313c98e9834702a82c2cc90bae57aed3a3aaacdc0
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 91e7368fafbf437ec991369c8dc2c889
SHA-256: a998048c33cdfbd69f55862bc562e71904dc6ad501dca312a4752f9c00dd5748
 
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: bc5d2c4d85c9602ecdae0a97d67c05e9
SHA-256: fd5eed507739edc1463510ffd169a1ce57fbf911a4b59c872418f0c2909dd054
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e2171830051c299f00a982518ea5a3f2
SHA-256: 59c35d4003ec562d63de0bef2be6a89a82f67aa1aad3c76417922ed1606ef4b4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: ada2b33d75320b813e6a66a2af6c103d
SHA-256: ac231c8a666f74eafdd933d0b5958481317c5f20832f15e1b9ffc33e41461704
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 85c5eb096fd6df1812c44af8c47c5d17
SHA-256: 87f3f5b59f40e0fcb15e045cc5fe2ee9b4b6f77a29712ae26d2c454a8d8c8699
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 645f1213fc9cfe366382d9164c74cc93
SHA-256: 5de1e13677486e2c432d79cc0aa0e6297788996c9304f5797743b93f3363d56c
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 07ad71d3bcbcd8a0a2bb33d5a3fa29cf
SHA-256: 2d389ad1656aac771a70d794f5affadf271d904c22f245782a53d62e1daa490c
 
Red Hat Enterprise Linux Server Supplementary AUS (v. 6.4)

x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: bc5d2c4d85c9602ecdae0a97d67c05e9
SHA-256: fd5eed507739edc1463510ffd169a1ce57fbf911a4b59c872418f0c2909dd054
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: e2171830051c299f00a982518ea5a3f2
SHA-256: 59c35d4003ec562d63de0bef2be6a89a82f67aa1aad3c76417922ed1606ef4b4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: ada2b33d75320b813e6a66a2af6c103d
SHA-256: ac231c8a666f74eafdd933d0b5958481317c5f20832f15e1b9ffc33e41461704
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 85c5eb096fd6df1812c44af8c47c5d17
SHA-256: 87f3f5b59f40e0fcb15e045cc5fe2ee9b4b6f77a29712ae26d2c454a8d8c8699
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 645f1213fc9cfe366382d9164c74cc93
SHA-256: 5de1e13677486e2c432d79cc0aa0e6297788996c9304f5797743b93f3363d56c
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 07ad71d3bcbcd8a0a2bb33d5a3fa29cf
SHA-256: 2d389ad1656aac771a70d794f5affadf271d904c22f245782a53d62e1daa490c
 
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.4.z)

IA-32:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: d6145bcdc41d18666ea6d622be9953d4
SHA-256: 65b6b9a610021aece2aadb9e36f034ba3cbef0db2aa60305a279b9b1f7668cf3
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: e0ec774dea2cf2f6d28dd4ed0e4fcd4f
SHA-256: 312d2e074d3c7c395030ebda361b937417d54b889ffea69eda39a1608ab41f6f
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: 6ffb41e910e3edef14515e574e0897a2
SHA-256: 847f29a810caaa8b964da22bd50dd172529b23b5af4bb91b9aa1ca693ad05160
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: de68b7eb2da627f1c4237b6d10099d50
SHA-256: f7a8586515412e91cbffe0d983a98ccbe80e16075aa82716728513e015f88d4e
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: 6c48cc0ee4629abc035496bbf774698c
SHA-256: 201159f13f9b3d3271003cf313c98e9834702a82c2cc90bae57aed3a3aaacdc0
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: 91e7368fafbf437ec991369c8dc2c889
SHA-256: a998048c33cdfbd69f55862bc562e71904dc6ad501dca312a4752f9c00dd5748
 
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: bc5d2c4d85c9602ecdae0a97d67c05e9
SHA-256: fd5eed507739edc1463510ffd169a1ce57fbf911a4b59c872418f0c2909dd054
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: e2171830051c299f00a982518ea5a3f2
SHA-256: 59c35d4003ec562d63de0bef2be6a89a82f67aa1aad3c76417922ed1606ef4b4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: ada2b33d75320b813e6a66a2af6c103d
SHA-256: ac231c8a666f74eafdd933d0b5958481317c5f20832f15e1b9ffc33e41461704
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 85c5eb096fd6df1812c44af8c47c5d17
SHA-256: 87f3f5b59f40e0fcb15e045cc5fe2ee9b4b6f77a29712ae26d2c454a8d8c8699
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 645f1213fc9cfe366382d9164c74cc93
SHA-256: 5de1e13677486e2c432d79cc0aa0e6297788996c9304f5797743b93f3363d56c
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 07ad71d3bcbcd8a0a2bb33d5a3fa29cf
SHA-256: 2d389ad1656aac771a70d794f5affadf271d904c22f245782a53d62e1daa490c
 
Red Hat Enterprise Linux Workstation Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: d6145bcdc41d18666ea6d622be9953d4
SHA-256: 65b6b9a610021aece2aadb9e36f034ba3cbef0db2aa60305a279b9b1f7668cf3
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: e0ec774dea2cf2f6d28dd4ed0e4fcd4f
SHA-256: 312d2e074d3c7c395030ebda361b937417d54b889ffea69eda39a1608ab41f6f
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6ffb41e910e3edef14515e574e0897a2
SHA-256: 847f29a810caaa8b964da22bd50dd172529b23b5af4bb91b9aa1ca693ad05160
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: de68b7eb2da627f1c4237b6d10099d50
SHA-256: f7a8586515412e91cbffe0d983a98ccbe80e16075aa82716728513e015f88d4e
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6c48cc0ee4629abc035496bbf774698c
SHA-256: 201159f13f9b3d3271003cf313c98e9834702a82c2cc90bae57aed3a3aaacdc0
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 91e7368fafbf437ec991369c8dc2c889
SHA-256: a998048c33cdfbd69f55862bc562e71904dc6ad501dca312a4752f9c00dd5748
 
x86_64:
java-1.7.0-oracle-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: bc5d2c4d85c9602ecdae0a97d67c05e9
SHA-256: fd5eed507739edc1463510ffd169a1ce57fbf911a4b59c872418f0c2909dd054
java-1.7.0-oracle-devel-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e2171830051c299f00a982518ea5a3f2
SHA-256: 59c35d4003ec562d63de0bef2be6a89a82f67aa1aad3c76417922ed1606ef4b4
java-1.7.0-oracle-javafx-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: ada2b33d75320b813e6a66a2af6c103d
SHA-256: ac231c8a666f74eafdd933d0b5958481317c5f20832f15e1b9ffc33e41461704
java-1.7.0-oracle-jdbc-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 85c5eb096fd6df1812c44af8c47c5d17
SHA-256: 87f3f5b59f40e0fcb15e045cc5fe2ee9b4b6f77a29712ae26d2c454a8d8c8699
java-1.7.0-oracle-plugin-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 645f1213fc9cfe366382d9164c74cc93
SHA-256: 5de1e13677486e2c432d79cc0aa0e6297788996c9304f5797743b93f3363d56c
java-1.7.0-oracle-src-1.7.0.21-1jpp.1.el6.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 07ad71d3bcbcd8a0a2bb33d5a3fa29cf
SHA-256: 2d389ad1656aac771a70d794f5affadf271d904c22f245782a53d62e1daa490c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

920245 - CVE-2013-0401 OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)
920246 - CVE-2013-0402 Oracle JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)
920247 - CVE-2013-1488 OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)
920248 - CVE-2013-1491 Oracle JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)
952387 - CVE-2013-1537 OpenJDK: remote code loading enabled by default (RMI, 8001040)
952389 - CVE-2013-2415 OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)
952398 - CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)
952509 - CVE-2013-2424 OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)
952521 - CVE-2013-2429 OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)
952524 - CVE-2013-2430 OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
952550 - CVE-2013-2436 OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)
952638 - CVE-2013-2420 OpenJDK: image processing vulnerability (2D, 8007617)
952640 - CVE-2013-1558 OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)
952642 - CVE-2013-2422 OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)
952645 - CVE-2013-2431 OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)
952646 - CVE-2013-1518 OpenJDK: JAXP missing security restrictions (JAXP, 6657673)
952648 - CVE-2013-1557 OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)
952649 - CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)
952653 - CVE-2013-2426 OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)
952656 - CVE-2013-2419 ICU: Layout Engine font processing errors (JDK 2D, 8001031)
952657 - CVE-2013-2417 OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)
952708 - CVE-2013-2383 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)
952709 - CVE-2013-2384 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)
952711 - CVE-2013-1569 ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)
953135 - Oracle JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)
953166 - CVE-2013-1540 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953172 - CVE-2013-1563 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
953265 - CVE-2013-2394 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953266 - CVE-2013-2416 Oracle JDK: unspecified vulnerability fixed in 7u21 (Deployment)
953267 - CVE-2013-2418 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953268 - CVE-2013-2425 Oracle JDK: unspecified vulnerability fixed in 7u21 (Install)
953269 - CVE-2013-2432 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)
953270 - CVE-2013-2433 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953272 - CVE-2013-2434 Oracle JDK: unspecified vulnerability fixed in 7u21 (2D)
953273 - CVE-2013-2435 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)
953274 - CVE-2013-2439 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
953275 - CVE-2013-2440 Oracle JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)


References

https://www.redhat.com/security/data/cve/CVE-2013-0401.html
https://www.redhat.com/security/data/cve/CVE-2013-0402.html
https://www.redhat.com/security/data/cve/CVE-2013-1488.html
https://www.redhat.com/security/data/cve/CVE-2013-1491.html
https://www.redhat.com/security/data/cve/CVE-2013-1518.html
https://www.redhat.com/security/data/cve/CVE-2013-1537.html
https://www.redhat.com/security/data/cve/CVE-2013-1540.html
https://www.redhat.com/security/data/cve/CVE-2013-1557.html
https://www.redhat.com/security/data/cve/CVE-2013-1558.html
https://www.redhat.com/security/data/cve/CVE-2013-1561.html
https://www.redhat.com/security/data/cve/CVE-2013-1563.html
https://www.redhat.com/security/data/cve/CVE-2013-1564.html
https://www.redhat.com/security/data/cve/CVE-2013-1569.html
https://www.redhat.com/security/data/cve/CVE-2013-2383.html
https://www.redhat.com/security/data/cve/CVE-2013-2384.html
https://www.redhat.com/security/data/cve/CVE-2013-2394.html
https://www.redhat.com/security/data/cve/CVE-2013-2414.html
https://www.redhat.com/security/data/cve/CVE-2013-2415.html
https://www.redhat.com/security/data/cve/CVE-2013-2416.html
https://www.redhat.com/security/data/cve/CVE-2013-2417.html
https://www.redhat.com/security/data/cve/CVE-2013-2418.html
https://www.redhat.com/security/data/cve/CVE-2013-2419.html
https://www.redhat.com/security/data/cve/CVE-2013-2420.html
https://www.redhat.com/security/data/cve/CVE-2013-2421.html
https://www.redhat.com/security/data/cve/CVE-2013-2422.html
https://www.redhat.com/security/data/cve/CVE-2013-2423.html
https://www.redhat.com/security/data/cve/CVE-2013-2424.html
https://www.redhat.com/security/data/cve/CVE-2013-2425.html
https://www.redhat.com/security/data/cve/CVE-2013-2426.html
https://www.redhat.com/security/data/cve/CVE-2013-2427.html
https://www.redhat.com/security/data/cve/CVE-2013-2428.html
https://www.redhat.com/security/data/cve/CVE-2013-2429.html
https://www.redhat.com/security/data/cve/CVE-2013-2430.html
https://www.redhat.com/security/data/cve/CVE-2013-2431.html
https://www.redhat.com/security/data/cve/CVE-2013-2432.html
https://www.redhat.com/security/data/cve/CVE-2013-2433.html
https://www.redhat.com/security/data/cve/CVE-2013-2434.html
https://www.redhat.com/security/data/cve/CVE-2013-2435.html
https://www.redhat.com/security/data/cve/CVE-2013-2436.html
https://www.redhat.com/security/data/cve/CVE-2013-2438.html
https://www.redhat.com/security/data/cve/CVE-2013-2439.html
https://www.redhat.com/security/data/cve/CVE-2013-2440.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/