Skip to navigation

Security Advisory Critical: java-1.7.0-oracle security update

Advisory: RHSA-2013:0963-2
Type: Security Advisory
Severity: Critical
Issued on: 2013-06-20
Last updated on: 2013-06-20
Affected Products: RHEL Supplementary EUS (v. 5.9.z server)
RHEL Supplementary Long Life (v. 5.9 server)
Red Hat Enterprise Linux Desktop Supplementary (v. 6)
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary AUS (v. 6.4)
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation Supplementary (v. 6)
CVEs (cve.mitre.org): CVE-2013-1500
CVE-2013-1571
CVE-2013-2400
CVE-2013-2407
CVE-2013-2412
CVE-2013-2437
CVE-2013-2442
CVE-2013-2443
CVE-2013-2444
CVE-2013-2445
CVE-2013-2446
CVE-2013-2447
CVE-2013-2448
CVE-2013-2449
CVE-2013-2450
CVE-2013-2451
CVE-2013-2452
CVE-2013-2453
CVE-2013-2454
CVE-2013-2455
CVE-2013-2456
CVE-2013-2457
CVE-2013-2458
CVE-2013-2459
CVE-2013-2460
CVE-2013-2461
CVE-2013-2462
CVE-2013-2463
CVE-2013-2464
CVE-2013-2465
CVE-2013-2466
CVE-2013-2468
CVE-2013-2469
CVE-2013-2470
CVE-2013-2471
CVE-2013-2472
CVE-2013-2473
CVE-2013-3744

Details

Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-1500, CVE-2013-1571, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412,
CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445,
CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450,
CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455,
CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460,
CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465,
CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471,
CVE-2013-2472, CVE-2013-2473, CVE-2013-3744)

Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and
US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the
original reporter of CVE-2013-1571.

All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 25 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

RHEL Supplementary EUS (v. 5.9.z server)

IA-32:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: 4a95b6d1b506054491a00fe523442754
SHA-256: 7fa90c95d581127bcd67992914ac0eb666c0d4a29d843fffa65c54cb08118267
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: 042353858de556bb17181646be123a03
SHA-256: 4397eaf866519e80709f72809037cd6b09bac3990823cfdddf638ab87ef07b32
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: 02f5bfe0fd80873859021b6f2b2c3d31
SHA-256: 90c8617c094e2bf791b0f56be7c2c0ce9749cd5e5cfe6e82ee51f08afb9a9410
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: c8cae9bdd8a1d6cdff6d4dc65a44a4a8
SHA-256: d129ff523fe3858a68dbb885cff75f9cfedf91c303df6e17b6e0af940f142dd8
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: a4ca7db284c5b12f46ed7d501ca36084
SHA-256: f3cef025beb1042698a74383305eefd0c53a37f81c029fd1f8b2d7e7bf31f700
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: e98b8f50e2470d5ac78df8e934bbbe4f
SHA-256: cd14dba3a7a348ef818fae62c66e1f50f6c109e4583356a7a8c465e2d25d9019
 
x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: 0b4b576385f3ad03f7961ee207e857f6
SHA-256: b1754048844f3d6ecf110420c7a72c7ba5e66e0a8c84c6995b3ef17440c1c724
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: c713556d376ca730d7435b4584c043bf
SHA-256: 4774911f5c9a445d8dc3ada4778e51135df38008769f15c598333ea70504986b
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: 02e46e6ac85be5b4cf12b5e733c5ec72
SHA-256: bf736a721596017d867051e1c1c5dbbd1e772a12ec54c7bf8e7d2490db4f5083
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: e7513e9fc65069891ff2e9e59a12dbd1
SHA-256: 6b704a3266e143b597d4ca642a76dcb8f318a64e941d0c26313df85f4486822c
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: c51c2ef1ef2859236dac7a561d26e00e
SHA-256: 76f0965ed0070f2718b793c0c8cb36ca7387d4511af9566d21abb2fe8f9bf9e1
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: 905720bfe025e9dcce4c1edd978eaf4c
SHA-256: 45bcbffe2de139cd55e273141e588b9738810d70534f9681942b8547ad4fd573
 
RHEL Supplementary Long Life (v. 5.9 server)

IA-32:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: 4a95b6d1b506054491a00fe523442754
SHA-256: 7fa90c95d581127bcd67992914ac0eb666c0d4a29d843fffa65c54cb08118267
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: 042353858de556bb17181646be123a03
SHA-256: 4397eaf866519e80709f72809037cd6b09bac3990823cfdddf638ab87ef07b32
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: 02f5bfe0fd80873859021b6f2b2c3d31
SHA-256: 90c8617c094e2bf791b0f56be7c2c0ce9749cd5e5cfe6e82ee51f08afb9a9410
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: c8cae9bdd8a1d6cdff6d4dc65a44a4a8
SHA-256: d129ff523fe3858a68dbb885cff75f9cfedf91c303df6e17b6e0af940f142dd8
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: a4ca7db284c5b12f46ed7d501ca36084
SHA-256: f3cef025beb1042698a74383305eefd0c53a37f81c029fd1f8b2d7e7bf31f700
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el5_9.i386.rpm     MD5: e98b8f50e2470d5ac78df8e934bbbe4f
SHA-256: cd14dba3a7a348ef818fae62c66e1f50f6c109e4583356a7a8c465e2d25d9019
 
x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: 0b4b576385f3ad03f7961ee207e857f6
SHA-256: b1754048844f3d6ecf110420c7a72c7ba5e66e0a8c84c6995b3ef17440c1c724
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: c713556d376ca730d7435b4584c043bf
SHA-256: 4774911f5c9a445d8dc3ada4778e51135df38008769f15c598333ea70504986b
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: 02e46e6ac85be5b4cf12b5e733c5ec72
SHA-256: bf736a721596017d867051e1c1c5dbbd1e772a12ec54c7bf8e7d2490db4f5083
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: e7513e9fc65069891ff2e9e59a12dbd1
SHA-256: 6b704a3266e143b597d4ca642a76dcb8f318a64e941d0c26313df85f4486822c
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: c51c2ef1ef2859236dac7a561d26e00e
SHA-256: 76f0965ed0070f2718b793c0c8cb36ca7387d4511af9566d21abb2fe8f9bf9e1
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el5_9.x86_64.rpm     MD5: 905720bfe025e9dcce4c1edd978eaf4c
SHA-256: 45bcbffe2de139cd55e273141e588b9738810d70534f9681942b8547ad4fd573
 
Red Hat Enterprise Linux Desktop Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6c43cbdffaeddc35198484d8ba60c686
SHA-256: dbcfdc71676d9f03d1104ac842894f9ddb1c622415c13b1198f9ad99a258b877
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: e17509860f460e4d3c5fde2a94fcef85
SHA-256: 7cd07a56772476c6999c6ab91a88d4011fb4f45f523f1b9e61320a6aa841cf4a
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: b459a1df19dc82246c968f8c16daf803
SHA-256: f86391dfeeaa789e8d55b46a01fffff0f1cfc8089147306538c0dab7df5a78d4
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 2d5a66b433227b320ef8349602076f68
SHA-256: 068dd71eaf5e971c16e14bfb9c5b1bd971ced53e68fbc8187ecfacdb6a81354a
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 072af5054a0615b7cefe74fa43a58d1f
SHA-256: 0d08ea57e757bf8c66d22deb2b242b4cac6d60246793cce4415747dd5572e7ef
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 20616bcc2811dcf8ee262e9a648828d0
SHA-256: 202a657dba7d148c86c6d390efd3f361ca3fe71394d0917d77c4d8cdca5a0a6b
 
x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 65cb6e28e8b86b3e677bdf61da9dc8a2
SHA-256: 624420fa1691e5f531b5567985aaa99577f5885edb19e88485e3e8137abe8100
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6a3132ace9a5822077ab4f593f1684f9
SHA-256: 0069034e80b190493ccc0a9285c42f3e9d871b9ed92f3c0e1aadca762af6d7c7
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: f94e8ec50006615bbcc237c26297aad6
SHA-256: 254fb2ffc31f720371184bda77b3ddb4a3feee6852cdfa1bdf95c77542cf63d0
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 1c1309cb714a054587f7b18b9b5a66d3
SHA-256: 2a463d53b9b48ad3cff800db24cfda67191d5a32c0c4b78d8b3b97ffd9ecc3e2
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: da50590a45cebff1b50fc5f9f6137ca7
SHA-256: f6c2b511d0fdca5583cfcadd0df77c45015384f8f0209f4c06bcf77bb57dfd64
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 44b3f9e49f0b0dcbb8cf878227941743
SHA-256: b64ffa702a73e3b770d1ad13d13bb4cf8f1cc128892fad2f66e2c77b6900d9d7
 
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)

x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 65cb6e28e8b86b3e677bdf61da9dc8a2
SHA-256: 624420fa1691e5f531b5567985aaa99577f5885edb19e88485e3e8137abe8100
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6a3132ace9a5822077ab4f593f1684f9
SHA-256: 0069034e80b190493ccc0a9285c42f3e9d871b9ed92f3c0e1aadca762af6d7c7
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: f94e8ec50006615bbcc237c26297aad6
SHA-256: 254fb2ffc31f720371184bda77b3ddb4a3feee6852cdfa1bdf95c77542cf63d0
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 44b3f9e49f0b0dcbb8cf878227941743
SHA-256: b64ffa702a73e3b770d1ad13d13bb4cf8f1cc128892fad2f66e2c77b6900d9d7
 
Red Hat Enterprise Linux Server Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6c43cbdffaeddc35198484d8ba60c686
SHA-256: dbcfdc71676d9f03d1104ac842894f9ddb1c622415c13b1198f9ad99a258b877
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: e17509860f460e4d3c5fde2a94fcef85
SHA-256: 7cd07a56772476c6999c6ab91a88d4011fb4f45f523f1b9e61320a6aa841cf4a
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: b459a1df19dc82246c968f8c16daf803
SHA-256: f86391dfeeaa789e8d55b46a01fffff0f1cfc8089147306538c0dab7df5a78d4
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 2d5a66b433227b320ef8349602076f68
SHA-256: 068dd71eaf5e971c16e14bfb9c5b1bd971ced53e68fbc8187ecfacdb6a81354a
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 072af5054a0615b7cefe74fa43a58d1f
SHA-256: 0d08ea57e757bf8c66d22deb2b242b4cac6d60246793cce4415747dd5572e7ef
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 20616bcc2811dcf8ee262e9a648828d0
SHA-256: 202a657dba7d148c86c6d390efd3f361ca3fe71394d0917d77c4d8cdca5a0a6b
 
x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 65cb6e28e8b86b3e677bdf61da9dc8a2
SHA-256: 624420fa1691e5f531b5567985aaa99577f5885edb19e88485e3e8137abe8100
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6a3132ace9a5822077ab4f593f1684f9
SHA-256: 0069034e80b190493ccc0a9285c42f3e9d871b9ed92f3c0e1aadca762af6d7c7
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: f94e8ec50006615bbcc237c26297aad6
SHA-256: 254fb2ffc31f720371184bda77b3ddb4a3feee6852cdfa1bdf95c77542cf63d0
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 1c1309cb714a054587f7b18b9b5a66d3
SHA-256: 2a463d53b9b48ad3cff800db24cfda67191d5a32c0c4b78d8b3b97ffd9ecc3e2
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: da50590a45cebff1b50fc5f9f6137ca7
SHA-256: f6c2b511d0fdca5583cfcadd0df77c45015384f8f0209f4c06bcf77bb57dfd64
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 44b3f9e49f0b0dcbb8cf878227941743
SHA-256: b64ffa702a73e3b770d1ad13d13bb4cf8f1cc128892fad2f66e2c77b6900d9d7
 
Red Hat Enterprise Linux Server Supplementary AUS (v. 6.4)

x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 65cb6e28e8b86b3e677bdf61da9dc8a2
SHA-256: 624420fa1691e5f531b5567985aaa99577f5885edb19e88485e3e8137abe8100
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 6a3132ace9a5822077ab4f593f1684f9
SHA-256: 0069034e80b190493ccc0a9285c42f3e9d871b9ed92f3c0e1aadca762af6d7c7
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: f94e8ec50006615bbcc237c26297aad6
SHA-256: 254fb2ffc31f720371184bda77b3ddb4a3feee6852cdfa1bdf95c77542cf63d0
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 1c1309cb714a054587f7b18b9b5a66d3
SHA-256: 2a463d53b9b48ad3cff800db24cfda67191d5a32c0c4b78d8b3b97ffd9ecc3e2
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: da50590a45cebff1b50fc5f9f6137ca7
SHA-256: f6c2b511d0fdca5583cfcadd0df77c45015384f8f0209f4c06bcf77bb57dfd64
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 44b3f9e49f0b0dcbb8cf878227941743
SHA-256: b64ffa702a73e3b770d1ad13d13bb4cf8f1cc128892fad2f66e2c77b6900d9d7
 
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.4.z)

IA-32:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: 6c43cbdffaeddc35198484d8ba60c686
SHA-256: dbcfdc71676d9f03d1104ac842894f9ddb1c622415c13b1198f9ad99a258b877
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: e17509860f460e4d3c5fde2a94fcef85
SHA-256: 7cd07a56772476c6999c6ab91a88d4011fb4f45f523f1b9e61320a6aa841cf4a
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: b459a1df19dc82246c968f8c16daf803
SHA-256: f86391dfeeaa789e8d55b46a01fffff0f1cfc8089147306538c0dab7df5a78d4
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: 2d5a66b433227b320ef8349602076f68
SHA-256: 068dd71eaf5e971c16e14bfb9c5b1bd971ced53e68fbc8187ecfacdb6a81354a
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: 072af5054a0615b7cefe74fa43a58d1f
SHA-256: 0d08ea57e757bf8c66d22deb2b242b4cac6d60246793cce4415747dd5572e7ef
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2013:1440
    MD5: 20616bcc2811dcf8ee262e9a648828d0
SHA-256: 202a657dba7d148c86c6d390efd3f361ca3fe71394d0917d77c4d8cdca5a0a6b
 
x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 65cb6e28e8b86b3e677bdf61da9dc8a2
SHA-256: 624420fa1691e5f531b5567985aaa99577f5885edb19e88485e3e8137abe8100
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 6a3132ace9a5822077ab4f593f1684f9
SHA-256: 0069034e80b190493ccc0a9285c42f3e9d871b9ed92f3c0e1aadca762af6d7c7
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: f94e8ec50006615bbcc237c26297aad6
SHA-256: 254fb2ffc31f720371184bda77b3ddb4a3feee6852cdfa1bdf95c77542cf63d0
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 1c1309cb714a054587f7b18b9b5a66d3
SHA-256: 2a463d53b9b48ad3cff800db24cfda67191d5a32c0c4b78d8b3b97ffd9ecc3e2
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: da50590a45cebff1b50fc5f9f6137ca7
SHA-256: f6c2b511d0fdca5583cfcadd0df77c45015384f8f0209f4c06bcf77bb57dfd64
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2013:1440
    MD5: 44b3f9e49f0b0dcbb8cf878227941743
SHA-256: b64ffa702a73e3b770d1ad13d13bb4cf8f1cc128892fad2f66e2c77b6900d9d7
 
Red Hat Enterprise Linux Workstation Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6c43cbdffaeddc35198484d8ba60c686
SHA-256: dbcfdc71676d9f03d1104ac842894f9ddb1c622415c13b1198f9ad99a258b877
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: e17509860f460e4d3c5fde2a94fcef85
SHA-256: 7cd07a56772476c6999c6ab91a88d4011fb4f45f523f1b9e61320a6aa841cf4a
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: b459a1df19dc82246c968f8c16daf803
SHA-256: f86391dfeeaa789e8d55b46a01fffff0f1cfc8089147306538c0dab7df5a78d4
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 2d5a66b433227b320ef8349602076f68
SHA-256: 068dd71eaf5e971c16e14bfb9c5b1bd971ced53e68fbc8187ecfacdb6a81354a
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 072af5054a0615b7cefe74fa43a58d1f
SHA-256: 0d08ea57e757bf8c66d22deb2b242b4cac6d60246793cce4415747dd5572e7ef
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 20616bcc2811dcf8ee262e9a648828d0
SHA-256: 202a657dba7d148c86c6d390efd3f361ca3fe71394d0917d77c4d8cdca5a0a6b
 
x86_64:
java-1.7.0-oracle-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 65cb6e28e8b86b3e677bdf61da9dc8a2
SHA-256: 624420fa1691e5f531b5567985aaa99577f5885edb19e88485e3e8137abe8100
java-1.7.0-oracle-devel-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6a3132ace9a5822077ab4f593f1684f9
SHA-256: 0069034e80b190493ccc0a9285c42f3e9d871b9ed92f3c0e1aadca762af6d7c7
java-1.7.0-oracle-javafx-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: f94e8ec50006615bbcc237c26297aad6
SHA-256: 254fb2ffc31f720371184bda77b3ddb4a3feee6852cdfa1bdf95c77542cf63d0
java-1.7.0-oracle-jdbc-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 1c1309cb714a054587f7b18b9b5a66d3
SHA-256: 2a463d53b9b48ad3cff800db24cfda67191d5a32c0c4b78d8b3b97ffd9ecc3e2
java-1.7.0-oracle-plugin-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: da50590a45cebff1b50fc5f9f6137ca7
SHA-256: f6c2b511d0fdca5583cfcadd0df77c45015384f8f0209f4c06bcf77bb57dfd64
java-1.7.0-oracle-src-1.7.0.25-1jpp.1.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 44b3f9e49f0b0dcbb8cf878227941743
SHA-256: b64ffa702a73e3b770d1ad13d13bb4cf8f1cc128892fad2f66e2c77b6900d9d7
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243)
975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248)
975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253)
975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257)
975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438)
975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597)
975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601)
975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071)
975122 - CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209)
975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)
975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328)
975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281)
975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)
975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554)
975130 - CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424)
975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038)
975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642)
975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120)
975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124)
975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330)
975138 - CVE-2013-2452 OpenJDK: Unique VMIDs (Libraries, 8001033)
975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812)
975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318)
975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)
975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703)
975145 - CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check (Libraries, 8004288)
975146 - CVE-2013-2451 OpenJDK: exclusive port binding (Networking, 7170730)
975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034)
975757 - CVE-2013-2464 Oracle JDK: unspecified vulnerability fixed in 7u25 (2D)
975761 - CVE-2013-2468 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975764 - CVE-2013-2466 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975769 - CVE-2013-2462 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975770 - CVE-2013-2442 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975773 - CVE-2013-2437 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975774 - CVE-2013-2400 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)
975775 - CVE-2013-3744 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)


References

https://www.redhat.com/security/data/cve/CVE-2013-1500.html
https://www.redhat.com/security/data/cve/CVE-2013-1571.html
https://www.redhat.com/security/data/cve/CVE-2013-2400.html
https://www.redhat.com/security/data/cve/CVE-2013-2407.html
https://www.redhat.com/security/data/cve/CVE-2013-2412.html
https://www.redhat.com/security/data/cve/CVE-2013-2437.html
https://www.redhat.com/security/data/cve/CVE-2013-2442.html
https://www.redhat.com/security/data/cve/CVE-2013-2443.html
https://www.redhat.com/security/data/cve/CVE-2013-2444.html
https://www.redhat.com/security/data/cve/CVE-2013-2445.html
https://www.redhat.com/security/data/cve/CVE-2013-2446.html
https://www.redhat.com/security/data/cve/CVE-2013-2447.html
https://www.redhat.com/security/data/cve/CVE-2013-2448.html
https://www.redhat.com/security/data/cve/CVE-2013-2449.html
https://www.redhat.com/security/data/cve/CVE-2013-2450.html
https://www.redhat.com/security/data/cve/CVE-2013-2451.html
https://www.redhat.com/security/data/cve/CVE-2013-2452.html
https://www.redhat.com/security/data/cve/CVE-2013-2453.html
https://www.redhat.com/security/data/cve/CVE-2013-2454.html
https://www.redhat.com/security/data/cve/CVE-2013-2455.html
https://www.redhat.com/security/data/cve/CVE-2013-2456.html
https://www.redhat.com/security/data/cve/CVE-2013-2457.html
https://www.redhat.com/security/data/cve/CVE-2013-2458.html
https://www.redhat.com/security/data/cve/CVE-2013-2459.html
https://www.redhat.com/security/data/cve/CVE-2013-2460.html
https://www.redhat.com/security/data/cve/CVE-2013-2461.html
https://www.redhat.com/security/data/cve/CVE-2013-2462.html
https://www.redhat.com/security/data/cve/CVE-2013-2463.html
https://www.redhat.com/security/data/cve/CVE-2013-2464.html
https://www.redhat.com/security/data/cve/CVE-2013-2465.html
https://www.redhat.com/security/data/cve/CVE-2013-2466.html
https://www.redhat.com/security/data/cve/CVE-2013-2468.html
https://www.redhat.com/security/data/cve/CVE-2013-2469.html
https://www.redhat.com/security/data/cve/CVE-2013-2470.html
https://www.redhat.com/security/data/cve/CVE-2013-2471.html
https://www.redhat.com/security/data/cve/CVE-2013-2472.html
https://www.redhat.com/security/data/cve/CVE-2013-2473.html
https://www.redhat.com/security/data/cve/CVE-2013-3744.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/