Red Hat Customer Portal

Security Advisory Important: java-1.7.0-openjdk security update

Advisory: RHSA-2015:0068-1
Type: Security Advisory
Severity: Important
Issued on: 2015-01-20
Last updated on: 2015-01-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2014-3566
CVE-2014-6585
CVE-2014-6587
CVE-2014-6591
CVE-2014-6593
CVE-2014-6601
CVE-2015-0383
CVE-2015-0395
CVE-2015-0407
CVE-2015-0408
CVE-2015-0410
CVE-2015-0412

Details

Updated java-1.7.0-openjdk packages that fix multiple security issues are
now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
Environment and the OpenJDK 7 Java Software Development Kit.

A flaw was found in the way the Hotspot component in OpenJDK verified
bytecode from the class files. An untrusted Java application or applet
could possibly use this flaw to bypass Java sandbox restrictions.
(CVE-2014-6601)

Multiple improper permission check issues were discovered in the JAX-WS and
RMI components in OpenJDK (insufficient code privilege checks in JAX-WS and
incorrect context class loader use in the RMI transport). An untrusted Java
application or applet could use these flaws to bypass Java sandbox
restrictions. (CVE-2015-0412, CVE-2015-0408)

A flaw was found in the way the Hotspot garbage collector handled phantom
references. An untrusted Java application or applet could use this flaw to
corrupt the Java Virtual Machine memory and, possibly, execute arbitrary
code, bypassing Java sandbox restrictions. (CVE-2015-0395)

A flaw was found in the way the DER (Distinguished Encoding Rules) decoder
in the Security component in OpenJDK handled negative length values. A
specially crafted, DER-encoded input could cause a Java application to
enter an infinite loop when decoded. (CVE-2015-0410)
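The following Python is an added illustration, not OpenJDK's decoder and not the fix shipped in this update. It shows the checks a DER length decoder needs so that a crafted long-form length can never be treated as a negative number or stop the cursor from advancing; the sample inputs, including the SEQUENCE whose four-octet length reads as -2 in a signed 32-bit integer, are constructed.

```python
import struct

# Added example (not OpenJDK's decoder and not the fix shipped here): a DER
# length decoder with the bounds checks that keep a crafted length from being
# read as a negative number or from stalling the parse. Inputs are constructed.


def signed32(value: int) -> int:
    """Reinterpret an unsigned 32-bit value as a Java-style signed int."""
    return struct.unpack("<i", struct.pack("<I", value & 0xFFFFFFFF))[0]


def read_der_length(buf: bytes, pos: int) -> tuple:
    """Decode the definite-length field at buf[pos].

    Returns (length, index of the first content byte). Rejects indefinite
    lengths, non-minimal encodings, length fields wider than 4 octets and any
    length larger than the bytes that remain, so the result is always a small
    non-negative number that fits inside the buffer."""
    if pos >= len(buf):
        raise ValueError("truncated: missing length byte")
    first = buf[pos]
    pos += 1
    if first < 0x80:                       # short form, one byte
        length = first
    elif first == 0x80:
        raise ValueError("indefinite length is not allowed in DER")
    else:                                  # long form, (first & 0x7F) octets follow
        n = first & 0x7F
        if n > 4:
            raise ValueError(f"length field of {n} octets is not supported")
        if pos + n > len(buf):
            raise ValueError("truncated length field")
        octets = buf[pos:pos + n]
        pos += n
        length = int.from_bytes(octets, "big")
        if (n > 1 and octets[0] == 0) or length < 0x80:
            raise ValueError("non-minimal long-form length")
    # Java ints are signed 32-bit: 0x84 FF FF FF FE would decode to -2 in an
    # implementation without this check. Bound the length by what is left.
    if signed32(length) < 0 or length > len(buf) - pos:
        raise ValueError(f"length {length} exceeds the {len(buf) - pos} remaining bytes")
    return length, pos


def walk_der(buf: bytes) -> list:
    """Split buf into top-level (tag, contents) pairs.

    Each iteration moves the cursor forward by at least two bytes (tag plus
    length), so a malformed length raises instead of looping forever."""
    items = []
    pos = 0
    while pos < len(buf):
        tag = buf[pos]
        length, start = read_der_length(buf, pos + 1)
        end = start + length
        items.append((tag, buf[start:end]))
        pos = end
    return items


# Constructed inputs: a well-formed INTEGER and OCTET STRING, and a SEQUENCE
# whose four-octet length reads as -2 when interpreted as a signed int.
GOOD = bytes.fromhex("020101" "0403616263")
CRAFTED_NEGATIVE_LENGTH = bytes.fromhex("3084fffffffe")
```

The two properties that matter are that a length is validated against the bytes actually remaining before it is used, and that every loop iteration consumes at least the tag and length bytes; a decoder that computes an end offset from an unchecked signed length can end up with a cursor that never reaches the end of the buffer.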

A flaw was found in the way the SSL 3.0 protocol handled padding bytes when
decrypting messages that were encrypted using block ciphers in cipher block
chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle
(MITM) attacker to decrypt portions of the cipher text using a padding
oracle attack. (CVE-2014-3566)

Note: This update disables SSL 3.0 by default to address this issue.
The jdk.tls.disabledAlgorithms security property can be used to re-enable
SSL 3.0 support if needed. For additional information, refer to the Red Hat
Bugzilla bug linked to in the References section.
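Re-enabling SSL 3.0 restores the padding-oracle exposure described above, so it should be a deliberate, documented exception. As an added example (not Red Hat's or OpenJDK's code), the Python below reads the jdk.tls.disabledAlgorithms property from java.security-style text, including comment lines and backslash continuations, and reports whether SSLv3 is still disabled. The file contents are constructed; on a JDK 7 installation the real file is normally $JAVA_HOME/jre/lib/security/java.security.

```python
import re

# Added example (not Red Hat's or OpenJDK's code): read the
# jdk.tls.disabledAlgorithms security property from java.security-style text
# and report whether SSLv3 is disabled. The file contents below are constructed.

SAMPLE_JAVA_SECURITY = """\
# constructed sample of a java.security file, not a real RHEL file
securerandom.source=file:/dev/urandom
jdk.tls.disabledAlgorithms=SSLv3, RC4, \\
    DH keySize < 768
jdk.certpath.disabledAlgorithms=MD2
"""

# The same file edited to re-enable SSL 3.0, which is what the advisory's
# note describes: SSLv3 is simply removed from the list.
SAMPLE_SSLV3_REENABLED = SAMPLE_JAVA_SECURITY.replace("SSLv3, ", "")


def read_property(text: str, name: str):
    """Return the value of `name` from Java .properties text, or None.

    Handles '#' and '!' comment lines and backslash line continuations;
    when a key appears more than once the last definition wins, which is
    how java.security behaves when loaded."""
    value = None
    pending = []
    for raw in text.splitlines():
        line = raw.strip()
        if pending:                          # continuation of the previous line
            pending.append(line.rstrip("\\"))
            if line.endswith("\\"):
                continue
            logical, pending = "".join(pending), []
        elif not line or line[0] in "#!":
            continue
        elif line.endswith("\\"):
            pending.append(line.rstrip("\\"))
            continue
        else:
            logical = line
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)$", logical)
        if m and m.group(1) == name:
            value = m.group(2).strip()
    return value


def disabled_tls_algorithms(text: str) -> list:
    """Split jdk.tls.disabledAlgorithms into its comma-separated entries."""
    value = read_property(text, "jdk.tls.disabledAlgorithms")
    if not value:
        return []
    return [item.strip() for item in value.split(",") if item.strip()]


def sslv3_disabled(text: str) -> bool:
    """True when SSLv3 is listed, i.e. the post-update default is in place."""
    return any(item.upper() == "SSLV3" for item in disabled_tls_algorithms(text))
```

A file check is necessary but not sufficient: a JVM can be started with -Djava.security.properties=<file> to overlay another properties file, and an application can call java.security.Security.setProperty at runtime, so both should be reviewed when auditing whether a particular service still offers SSL 3.0.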

It was discovered that the SSL/TLS implementation in the JSSE component in
OpenJDK failed to properly check whether the ChangeCipherSpec was received
during the SSL/TLS connection handshake. An MITM attacker could possibly
use this flaw to force a connection to be established without encryption
being enabled. (CVE-2014-6593)

An information leak flaw was found in the Swing component in OpenJDK. An
untrusted Java application or applet could use this flaw to bypass certain
Java sandbox restrictions. (CVE-2015-0407)

A NULL pointer dereference flaw was found in the MulticastSocket
implementation in the Libraries component of OpenJDK. An untrusted Java
application or applet could possibly use this flaw to bypass certain Java
sandbox restrictions. (CVE-2014-6587)

Multiple boundary check flaws were found in the font parsing code in the 2D
component in OpenJDK. A specially crafted font file could allow an
untrusted Java application or applet to disclose portions of the Java
Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591)

Multiple insecure temporary file use issues were found in the way the
Hotspot component in OpenJDK created performance statistics and error log
files. A local attacker could possibly make a victim using OpenJDK
overwrite arbitrary files using a symlink attack. (CVE-2015-0383)

The CVE-2015-0383 issue was discovered by Red Hat.
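The general pattern behind this class of bug is writing to a predictable name in a directory another local user can influence. As an added example (not Hotspot's code and not the fix shipped here), the Python below creates a per-user file the way a hardened hsperfdata-style writer should: it verifies the directory with lstat, opens with O_CREAT|O_EXCL|O_NOFOLLOW so a pre-planted symlink is refused rather than followed, and re-checks the opened descriptor rather than the path. All paths are constructed under a temporary directory.

```python
import os
import stat
import tempfile

# Added example (not Hotspot's code): create a per-user file in a shared
# directory, the pattern Hotspot uses for hsperfdata_<user>, in a way that a
# pre-planted symlink cannot redirect. All paths are constructed under a
# temporary directory.


def check_private_dir(path: str) -> None:
    """Refuse `path` unless it is a real directory (not a symlink) that we own
    and that group/others cannot write to."""
    st = os.lstat(path)                      # lstat: do not follow symlinks
    if stat.S_ISLNK(st.st_mode):
        raise PermissionError(f"{path} is a symbolic link")
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{path} is not a directory")
    if st.st_uid != os.geteuid():
        raise PermissionError(f"{path} is not owned by uid {os.geteuid()}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise PermissionError(f"{path} is writable by group or others")


def create_private_file(directory: str, name: str, data: bytes) -> str:
    """Create directory/name without following symlinks and without
    truncating anything that already exists. Returns the path."""
    check_private_dir(directory)
    path = os.path.join(directory, name)
    # O_EXCL: fail if any object (file, symlink, ...) already has this name.
    # O_NOFOLLOW: never open through a symlink even where O_EXCL is absent.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    try:
        st = os.fstat(fd)                    # check the object we opened, not the name
        if not stat.S_ISREG(st.st_mode) or st.st_nlink != 1:
            raise PermissionError("opened object is not a fresh regular file")
        os.write(fd, data)
    finally:
        os.close(fd)
    return path


def demo() -> tuple:
    """Constructed scenario. Returns (normal_write_ok, symlink_refused,
    victim_untouched)."""
    with tempfile.TemporaryDirectory() as tmp:
        workdir = os.path.join(tmp, "hsperfdata_user")
        os.mkdir(workdir, 0o700)
        created = create_private_file(workdir, "1001", b"stats")
        with open(created, "rb") as f:
            normal_ok = f.read() == b"stats"

        # Simulate a symlink planted under the name our next file will get,
        # pointing at a file we own (the demo plants it itself).
        victim = os.path.join(tmp, "victim.txt")
        with open(victim, "wb") as f:
            f.write(b"original")
        os.symlink(victim, os.path.join(workdir, "1002"))
        try:
            create_private_file(workdir, "1002", b"stats")
            refused = False
        except OSError:                      # FileExistsError on Linux
            refused = True
        with open(victim, "rb") as f:
            untouched = f.read() == b"original"
        return normal_ok, refused, untouched
```

The directory check matters because the real hsperfdata directory lives under a world-writable /tmp: if the per-user directory itself can be created or replaced by another user, checks on the file name alone are not enough.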

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
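Upgrading the RPM replaces the files on disk, but a JVM that was already running keeps executing the old, unlinked libjvm.so. As an added example (not part of the advisory or of Red Hat tooling), the Python below finds such processes by reading /proc/<pid>/maps, where a mapping whose backing file was replaced is shown with a "(deleted)" suffix. The maps excerpts and the install paths in them are constructed, not captured from a real host.

```python
import re
from typing import Dict, List

# Added example (not Red Hat tooling): find Java processes still running code
# from the pre-update packages. After an RPM upgrade the old libjvm.so is
# unlinked, so /proc/<pid>/maps lists it with a "(deleted)" suffix.

# address range, perms, offset, dev, inode, optional path
MAPS_LINE = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+)\s+(?P<perms>\S{4})\s+\S+\s+\S+\s+"
    r"(?P<inode>\d+)\s*(?P<path>.*)$"
)
DELETED = " (deleted)"


def stale_mappings(maps_text: str, marker: str = "/usr/lib/jvm/") -> List[str]:
    """Return mapped file paths under `marker` whose backing file has been
    deleted or replaced since the process mapped it."""
    stale = set()
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line)
        if not m:
            continue
        path = m.group("path").strip()
        if marker in path and path.endswith(DELETED):
            stale.add(path[: -len(DELETED)])
    return sorted(stale)


def processes_needing_restart(maps_by_pid: Dict[int, str]) -> List[int]:
    """PIDs that still map a replaced file from the JDK install tree."""
    return sorted(pid for pid, text in maps_by_pid.items() if stale_mappings(text))


def read_live_maps() -> Dict[int, str]:
    """Collect /proc/<pid>/maps for every process we are allowed to read
    (Linux only; not used by the constructed sample below)."""
    import os
    result = {}
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            with open(f"/proc/{entry}/maps") as f:
                result[int(entry)] = f.read()
        except OSError:
            continue                          # process exited or not ours
    return result


# Constructed /proc/<pid>/maps excerpts: pid 4242 was started before the
# upgrade, pid 4343 after it. Install paths are made up for the example.
SAMPLE_MAPS = {
    4242: (
        "00400000-00401000 r-xp 00000000 fd:00 131234 "
        "/usr/lib/jvm/java-1.7.0-openjdk-old/jre/bin/java (deleted)\n"
        "7f1c2a000000-7f1c2ab00000 r-xp 00000000 fd:00 131290 "
        "/usr/lib/jvm/java-1.7.0-openjdk-old/jre/lib/amd64/server/libjvm.so (deleted)\n"
        "7ffd3b000000-7ffd3b021000 rw-p 00000000 00:00 0 [stack]\n"
    ),
    4343: (
        "00400000-00401000 r-xp 00000000 fd:00 131901 "
        "/usr/lib/jvm/java-1.7.0-openjdk-new/jre/bin/java\n"
        "7f9d10000000-7f9d10b00000 r-xp 00000000 fd:00 131944 "
        "/usr/lib/jvm/java-1.7.0-openjdk-new/jre/lib/amd64/server/libjvm.so\n"
    ),
}
```

Run processes_needing_restart(read_live_maps()) as root on the patched host to get the list of JVMs that still need a restart; an empty list together with the package version check is the evidence that the update is actually in effect.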


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
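To confirm the update landed on a fleet, compare the installed version-release against the fixed build listed in this advisory (1.7.0.75-2.5.4.0.el5_11) using rpm's own ordering rules rather than a string or float comparison. The Python below is an added example, not Red Hat tooling: it re-implements rpm's rpmvercmp algorithm (numeric segments compared numerically, alphabetic segments lexically, numeric beats alphabetic, '~' sorts before the end of the string and '^' after it) and applies it to constructed outputs of rpm -q --qf '%{VERSION}-%{RELEASE}\n' java-1.7.0-openjdk. The advisory lists no epoch, so any "E:" prefix is ignored on both sides.

```python
import re

# Added example (not Red Hat tooling): decide whether the installed
# java-1.7.0-openjdk build is at or above the fixed build from this advisory
# by re-implementing rpm's version comparison (rpmvercmp) in Python.

FIXED_VR = "1.7.0.75-2.5.4.0.el5_11"   # from the package list in this advisory


def _skip_separators(s: str) -> str:
    """Drop leading characters that are not alphanumeric, '~' or '^'."""
    i = 0
    while i < len(s) and not (s[i].isalnum() or s[i] in "~^"):
        i += 1
    return s[i:]


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version (or release) strings the way rpm does:
    -1 if a < b, 0 if equal, 1 if a > b."""
    if a == b:
        return 0
    one, two = a, b
    while one or two:
        one, two = _skip_separators(one), _skip_separators(two)
        # '~' sorts before everything, even the end of the string (1.0~rc1 < 1.0).
        if one.startswith("~") or two.startswith("~"):
            if not one.startswith("~"):
                return 1
            if not two.startswith("~"):
                return -1
            one, two = one[1:], two[1:]
            continue
        # '^' sorts after the end of the string but before any other segment.
        if one.startswith("^") or two.startswith("^"):
            if not one:
                return -1
            if not two:
                return 1
            if not one.startswith("^"):
                return 1
            if not two.startswith("^"):
                return -1
            one, two = one[1:], two[1:]
            continue
        if not (one and two):
            break
        if one[0].isdigit():
            m1, m2, isnum = re.match(r"\d+", one), re.match(r"\d+", two), True
        else:
            m1, m2, isnum = re.match(r"[A-Za-z]+", one), re.match(r"[A-Za-z]+", two), False
        seg1 = m1.group(0)
        if m2 is None:
            # Segment types differ: a numeric segment beats an alphabetic one.
            return 1 if isnum else -1
        seg2 = m2.group(0)
        one, two = one[len(seg1):], two[len(seg2):]
        if isnum:
            seg1, seg2 = seg1.lstrip("0"), seg2.lstrip("0")
            if len(seg1) != len(seg2):        # longer number is larger
                return 1 if len(seg1) > len(seg2) else -1
        if seg1 != seg2:
            return 1 if seg1 > seg2 else -1
    if not one and not two:
        return 0
    return 1 if one else -1


def parse_vr(s: str) -> tuple:
    """Split 'E:V-R' or 'V-R' into (version, release), discarding any epoch."""
    if ":" in s:
        s = s.split(":", 1)[1]
    version, _, release = s.partition("-")
    return version, release


def is_fixed(installed_vr: str, fixed_vr: str = FIXED_VR) -> bool:
    """True when the installed version-release is at or above the fixed one."""
    iv, ir = parse_vr(installed_vr)
    fv, fr = parse_vr(fixed_vr)
    return (rpmvercmp(iv, fv) or rpmvercmp(ir, fr)) >= 0


# Constructed outputs of: rpm -q --qf '%{VERSION}-%{RELEASE}\n' java-1.7.0-openjdk
SAMPLE_RPM_Q = {
    "host-a": "1.7.0.71-2.5.3.1.el5_11",   # made-up older build
    "host-b": "1.7.0.75-2.5.4.0.el5_11",   # exactly the fixed build
    "host-c": "1.7.0.79-2.5.5.1.el5_11",   # made-up later build
}


def hosts_needing_update(samples: dict) -> list:
    return sorted(host for host, vr in samples.items() if not is_fixed(vr))
```

Compare only like with like: if one side carries an epoch and the other does not, rpm would rank the epoch-bearing side higher regardless of version, which is why parse_vr strips it here and why fleet queries should use the same --qf on every host.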

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el5_11.src.rpm
File outdated by:  RHSA-2016:2658
    MD5: 2db94908c389f8099044c6c44c378e7e
SHA-256: 764b2f9e57da0b4e5ce66a660effe597e09f58637a0a86903a066ca1e73ee57f
 
IA-32:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: 26c937c03c166db17dc07efcf36c08f4
SHA-256: 53780301c3acdbe6413dc75e6671b35a23bc235047fc091493b3676b2c542620
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: 506bda5b9d53c6754a801e816dd2f610
SHA-256: 8faf10e635ada50c4b89ac4a2f151d382da6df15a55d8f6074e6e94e3fa04c10
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: df1be79b373a3dbcf1c90414fb3104e2
SHA-256: 569fc9068f848d761c563445c501115b3586cee9215a0b9f929d0d40347c9588
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: ffc319d24a7a85b935d51c59f28f1584
SHA-256: bc44f2e058a807f140f2b495276aa4466ace807caa2aa6d2bec981a77f5ff877
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: 6bb07ebb583f28f517b33c5fe5889ee4
SHA-256: 9de8fbb57e84f12bf28e9fa7b5d34a2f4525195a4a4a95064b25923c263bc5f5
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: eee418a7d2186db8dca9b939e4eb30f2
SHA-256: 1076b8fcc1d73754034f2bee35f265fe343dce7488a31406e9caf401ab1f18b1
 
x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: f37f7733da1f474c48e5bdcc26cc0546
SHA-256: 321cf097669456ee6efd181b8179915773cad4c926429379d3928e36e4808af9
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 696b5b604b2b1aec3a3abeb98698a78f
SHA-256: 2f9159d2bed4cceb3dbec41d9139aae6fcd9e6da1e09094711b1421462445185
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 2e4e40e4e46b9c562163b962470a5cdf
SHA-256: 11bb7c107aad870007460273c0e36cc93d1504fe2bc3e15d197d1a1dddde8b8b
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: d64f28de44a84c394133aff0c52a3405
SHA-256: 15e5ebcdc716f5276f6ff70fd57fbec4a6600a54cbe9da49056aa9d46bd33fd5
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 5d033d28c1aba221a050d8fa3733b14a
SHA-256: 406bd56bc0012f2902b20de4148bf3041a52df9bcd5f761ab30aed4ccd1f6607
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 2b0f6dbe0dbeeff9b2f9bf06ecee9329
SHA-256: 4d24638a037082c9ad5b01d005b408dd4940f5141ff47067aa926233ba72b34c
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el5_11.src.rpm
File outdated by:  RHSA-2016:2658
    MD5: 2db94908c389f8099044c6c44c378e7e
SHA-256: 764b2f9e57da0b4e5ce66a660effe597e09f58637a0a86903a066ca1e73ee57f
 
IA-32:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: 26c937c03c166db17dc07efcf36c08f4
SHA-256: 53780301c3acdbe6413dc75e6671b35a23bc235047fc091493b3676b2c542620
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: 506bda5b9d53c6754a801e816dd2f610
SHA-256: 8faf10e635ada50c4b89ac4a2f151d382da6df15a55d8f6074e6e94e3fa04c10
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: df1be79b373a3dbcf1c90414fb3104e2
SHA-256: 569fc9068f848d761c563445c501115b3586cee9215a0b9f929d0d40347c9588
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: ffc319d24a7a85b935d51c59f28f1584
SHA-256: bc44f2e058a807f140f2b495276aa4466ace807caa2aa6d2bec981a77f5ff877
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: 6bb07ebb583f28f517b33c5fe5889ee4
SHA-256: 9de8fbb57e84f12bf28e9fa7b5d34a2f4525195a4a4a95064b25923c263bc5f5
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el5_11.i386.rpm
File outdated by:  RHSA-2016:2658
    MD5: eee418a7d2186db8dca9b939e4eb30f2
SHA-256: 1076b8fcc1d73754034f2bee35f265fe343dce7488a31406e9caf401ab1f18b1
 
x86_64:
java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: f37f7733da1f474c48e5bdcc26cc0546
SHA-256: 321cf097669456ee6efd181b8179915773cad4c926429379d3928e36e4808af9
java-1.7.0-openjdk-debuginfo-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 696b5b604b2b1aec3a3abeb98698a78f
SHA-256: 2f9159d2bed4cceb3dbec41d9139aae6fcd9e6da1e09094711b1421462445185
java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 2e4e40e4e46b9c562163b962470a5cdf
SHA-256: 11bb7c107aad870007460273c0e36cc93d1504fe2bc3e15d197d1a1dddde8b8b
java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: d64f28de44a84c394133aff0c52a3405
SHA-256: 15e5ebcdc716f5276f6ff70fd57fbec4a6600a54cbe9da49056aa9d46bd33fd5
java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 5d033d28c1aba221a050d8fa3733b14a
SHA-256: 406bd56bc0012f2902b20de4148bf3041a52df9bcd5f761ab30aed4ccd1f6607
java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el5_11.x86_64.rpm
File outdated by:  RHSA-2016:2658
    MD5: 2b0f6dbe0dbeeff9b2f9bf06ecee9329
SHA-256: 4d24638a037082c9ad5b01d005b408dd4940f5141ff47067aa926233ba72b34c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1123870 - CVE-2015-0383 OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)
1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
1183020 - CVE-2014-6601 OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982)
1183021 - CVE-2015-0412 OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)
1183023 - CVE-2015-0408 OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
1183031 - CVE-2015-0395 OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125)
1183043 - CVE-2015-0407 OpenJDK: directory information leak via file chooser (Swing, 8055304)
1183044 - CVE-2015-0410 OpenJDK: DER decoder infinite loop (Security, 8059485)
1183049 - CVE-2014-6593 OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555)
1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489)
1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276)
1183715 - CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/