Skip to navigation

Security Advisory Important: java-1.6.0-openjdk security update

Advisory: RHSA-2011:0281-1
Type: Security Advisory
Severity: Important
Issued on: 2011-02-17
Last updated on: 2011-02-17
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux EUS (v. 5.6.z server)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Long Life (v. 5.6 server)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.0.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2010-4448
CVE-2010-4450
CVE-2010-4465
CVE-2010-4469
CVE-2010-4470
CVE-2010-4472

Details

Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

A flaw was found in the Swing library. Forged TimerEvents could be used to
bypass SecurityManager checks, allowing access to otherwise blocked files
and directories. (CVE-2010-4465)

A flaw was found in the HotSpot component in OpenJDK. Certain bytecode
instructions confused the memory management within the Java Virtual Machine
(JVM), which could lead to heap corruption. (CVE-2010-4469)

A flaw was found in the way JAXP (Java API for XML Processing) components
were handled, allowing them to be manipulated by untrusted applets. This
could be used to elevate privileges and bypass secure XML processing
restrictions. (CVE-2010-4470)

It was found that untrusted applets could create and place cache entries in
the name resolution cache. This could allow an attacker targeted
manipulation over name resolution until the OpenJDK VM is restarted.
(CVE-2010-4448)

It was found that the Java launcher provided by OpenJDK did not check the
LD_LIBRARY_PATH environment variable for insecure empty path elements. A
local attacker able to trick a user into running the Java launcher while
working from an attacker-writable directory could use this flaw to load an
untrusted library, subverting the Java security model. (CVE-2010-4450)

A flaw was found in the XML Digital Signature component in OpenJDK.
Untrusted code could use this flaw to replace the Java Runtime Environment
(JRE) XML Digital Signature Transform or C14N algorithm implementations to
intercept digital signature operations. (CVE-2010-4472)

Note: All of the above flaws can only be remotely triggered in OpenJDK by
calling the "appletviewer" application.

This update also provides one defense in depth patch. (BZ#676019)

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm
File outdated by:  RHSA-2011:0857
    MD5: e2c2fbb4aca52ebe72c80e39d664a023
SHA-256: fd3da7b1fd18284127a8a191c548741381cf93f80bd751fd720f0914e8434251
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: 07738de7bd57c668e5d1ad70413c4ff2
SHA-256: 68c367162983077bfbc3888636ac6bff0f8dd0edcfd42b5fc93737fc70e43b55
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: 3bad36477e91509e51539c2f110863b4
SHA-256: d2dbe8487fc61b2e4e506e1a2d3f41537be3e81e72c1a722ab5595f0effae270
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: 31bdba69c7b47c9d60ff86f8d49ba2f1
SHA-256: 1ed6b9cdd8d8d61f3f4d44fe401e3112935e082b85a7c5174496f6450403266a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: c62fa82af152974843ac2561dc87512c
SHA-256: ee64086d198963f18ce12342309aabb339536c194ea7bc59025b6f1f1be0b8d8
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: fdd791f494242011b91d8adf452cb063
SHA-256: 38aaddc5eb7d053adaeac4c758ecb458b4f3f9663ff0d444273f41ec94d15b1e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 77fea983318c3d99b95953b74ffbaa2d
SHA-256: 36e6aba84329588b4766d8c606bcbecc7417572daefb46b77b659086201b4b3f
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 8d55a86579a1b6a9c3caa00f02566b5d
SHA-256: 77dccf1a57320cad591c0e2f06173f84300e4a446a075e1201efc414d35792ac
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: dd6a1ab714295a5f142e8f3717fe3239
SHA-256: e08ec55f5706ce7c9136ad5ab34513cfcf5c89ad1e55b4356f8296a081801e2c
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 2353920c9ef1c9c68ad9fcad690aaffb
SHA-256: 6231463213ceb0d56a6a05c8780043248f931064f6902365b55cab5fcd4a51d9
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 8c741872e06191a061eff4d50f7c2aa8
SHA-256: 09191f8f80a072b12a25b32693926e65885b145687032ec84c461bc9ea1443bd
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm
File outdated by:  RHSA-2011:0857
    MD5: e2c2fbb4aca52ebe72c80e39d664a023
SHA-256: fd3da7b1fd18284127a8a191c548741381cf93f80bd751fd720f0914e8434251
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: 07738de7bd57c668e5d1ad70413c4ff2
SHA-256: 68c367162983077bfbc3888636ac6bff0f8dd0edcfd42b5fc93737fc70e43b55
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: 3bad36477e91509e51539c2f110863b4
SHA-256: d2dbe8487fc61b2e4e506e1a2d3f41537be3e81e72c1a722ab5595f0effae270
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: 31bdba69c7b47c9d60ff86f8d49ba2f1
SHA-256: 1ed6b9cdd8d8d61f3f4d44fe401e3112935e082b85a7c5174496f6450403266a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: c62fa82af152974843ac2561dc87512c
SHA-256: ee64086d198963f18ce12342309aabb339536c194ea7bc59025b6f1f1be0b8d8
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2014:0408
    MD5: fdd791f494242011b91d8adf452cb063
SHA-256: 38aaddc5eb7d053adaeac4c758ecb458b4f3f9663ff0d444273f41ec94d15b1e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 77fea983318c3d99b95953b74ffbaa2d
SHA-256: 36e6aba84329588b4766d8c606bcbecc7417572daefb46b77b659086201b4b3f
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 8d55a86579a1b6a9c3caa00f02566b5d
SHA-256: 77dccf1a57320cad591c0e2f06173f84300e4a446a075e1201efc414d35792ac
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: dd6a1ab714295a5f142e8f3717fe3239
SHA-256: e08ec55f5706ce7c9136ad5ab34513cfcf5c89ad1e55b4356f8296a081801e2c
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 2353920c9ef1c9c68ad9fcad690aaffb
SHA-256: 6231463213ceb0d56a6a05c8780043248f931064f6902365b55cab5fcd4a51d9
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 8c741872e06191a061eff4d50f7c2aa8
SHA-256: 09191f8f80a072b12a25b32693926e65885b145687032ec84c461bc9ea1443bd
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm
File outdated by:  RHSA-2014:0408
    MD5: 6514691bb901076e08b49bf555377e55
SHA-256: 1e7d1361457b6b71f2306d6a8e6af4e96a3a7964ac9581503005eafe9fcd1b1d
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: d806875316c1a60e209c080835012310
SHA-256: 8cba512ad54bd00d996d4f5fbf6a33806439e0dfa118f92bf8ece6c97cf52837
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 5c2ec7684f163c2cf2bec135ebf570f4
SHA-256: 93354e4d757e0a6478926a6bc8cd466e67a9247633300dc9ed86af4f0818eeb2
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: e2969457eff7707faddf66948f3121c2
SHA-256: 0d7c9c618ec56976b20eca781de6e4f7c7dd47f22be12f80257033dfc1de12d3
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 55b308e3295e856e2468c76b1103c709
SHA-256: c609c2ceb3d043bb6ec80002b8ca583541fa14ce9a26613406ba2bca90c13e37
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 3000cf91b1f59f2eb81e124c650bba99
SHA-256: a92eb112b7a6bcabae2656e397c2b9f51be6f7f3d3a10f7768843ab3e90d02cb
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: c4836a8cd002b614c39e225bb3746856
SHA-256: 154e1a3779f49d967c000529d3f74ebc2ba99eeb69827a77b191a1b42e38b79e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 83e631f0a30a889088372d9d643fbf91
SHA-256: 34525e3a2f1ca51c06a89ba8ca8d2ae0bf4c4638fcbc611be1193382d88e62cb
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 84729fb7caca453ade8ce4c297a006ca
SHA-256: a5e60a2f16bbf351f13e863cec481febf90d5948ec0efd862944df6ec3ed9e6f
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: ca2ca87d180eb02c2a772ca45cf9d1df
SHA-256: 54b67c0b445a7919eba13c063162911161df9c1292c90f4fc0eec903d98b386a
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 4204c63ea788e7515807a8559f07ef29
SHA-256: 13f79765841718aa10f57915ad371a7e7df55fd1449539c2edce65cb0ae80734
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: cb321dbdffa0a78a6a94e33bd6683796
SHA-256: 08765212a2eef95faae06eb0cb6209b6f7e537eed1f31e8620fdeefa4844a164
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: e483a66cc05461992cd5032e4ed1c312
SHA-256: af443c5b11344d48442c82483c0d077a62393257a8c2e4576c68cbc6e7e64f06
 
Red Hat Enterprise Linux EUS (v. 5.6.z server)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm
File outdated by:  RHSA-2011:0857
    MD5: e2c2fbb4aca52ebe72c80e39d664a023
SHA-256: fd3da7b1fd18284127a8a191c548741381cf93f80bd751fd720f0914e8434251
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: 07738de7bd57c668e5d1ad70413c4ff2
SHA-256: 68c367162983077bfbc3888636ac6bff0f8dd0edcfd42b5fc93737fc70e43b55
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: 3bad36477e91509e51539c2f110863b4
SHA-256: d2dbe8487fc61b2e4e506e1a2d3f41537be3e81e72c1a722ab5595f0effae270
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: 31bdba69c7b47c9d60ff86f8d49ba2f1
SHA-256: 1ed6b9cdd8d8d61f3f4d44fe401e3112935e082b85a7c5174496f6450403266a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: c62fa82af152974843ac2561dc87512c
SHA-256: ee64086d198963f18ce12342309aabb339536c194ea7bc59025b6f1f1be0b8d8
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: fdd791f494242011b91d8adf452cb063
SHA-256: 38aaddc5eb7d053adaeac4c758ecb458b4f3f9663ff0d444273f41ec94d15b1e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 77fea983318c3d99b95953b74ffbaa2d
SHA-256: 36e6aba84329588b4766d8c606bcbecc7417572daefb46b77b659086201b4b3f
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 8d55a86579a1b6a9c3caa00f02566b5d
SHA-256: 77dccf1a57320cad591c0e2f06173f84300e4a446a075e1201efc414d35792ac
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: dd6a1ab714295a5f142e8f3717fe3239
SHA-256: e08ec55f5706ce7c9136ad5ab34513cfcf5c89ad1e55b4356f8296a081801e2c
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 2353920c9ef1c9c68ad9fcad690aaffb
SHA-256: 6231463213ceb0d56a6a05c8780043248f931064f6902365b55cab5fcd4a51d9
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 8c741872e06191a061eff4d50f7c2aa8
SHA-256: 09191f8f80a072b12a25b32693926e65885b145687032ec84c461bc9ea1443bd
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm
File outdated by:  RHSA-2014:0408
    MD5: 6514691bb901076e08b49bf555377e55
SHA-256: 1e7d1361457b6b71f2306d6a8e6af4e96a3a7964ac9581503005eafe9fcd1b1d
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 83e631f0a30a889088372d9d643fbf91
SHA-256: 34525e3a2f1ca51c06a89ba8ca8d2ae0bf4c4638fcbc611be1193382d88e62cb
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 84729fb7caca453ade8ce4c297a006ca
SHA-256: a5e60a2f16bbf351f13e863cec481febf90d5948ec0efd862944df6ec3ed9e6f
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: ca2ca87d180eb02c2a772ca45cf9d1df
SHA-256: 54b67c0b445a7919eba13c063162911161df9c1292c90f4fc0eec903d98b386a
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 4204c63ea788e7515807a8559f07ef29
SHA-256: 13f79765841718aa10f57915ad371a7e7df55fd1449539c2edce65cb0ae80734
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: cb321dbdffa0a78a6a94e33bd6683796
SHA-256: 08765212a2eef95faae06eb0cb6209b6f7e537eed1f31e8620fdeefa4844a164
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: e483a66cc05461992cd5032e4ed1c312
SHA-256: af443c5b11344d48442c82483c0d077a62393257a8c2e4576c68cbc6e7e64f06
 
Red Hat Enterprise Linux Long Life (v. 5.6 server)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.src.rpm
File outdated by:  RHSA-2011:0857
    MD5: e2c2fbb4aca52ebe72c80e39d664a023
SHA-256: fd3da7b1fd18284127a8a191c548741381cf93f80bd751fd720f0914e8434251
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: 07738de7bd57c668e5d1ad70413c4ff2
SHA-256: 68c367162983077bfbc3888636ac6bff0f8dd0edcfd42b5fc93737fc70e43b55
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: 3bad36477e91509e51539c2f110863b4
SHA-256: d2dbe8487fc61b2e4e506e1a2d3f41537be3e81e72c1a722ab5595f0effae270
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: 31bdba69c7b47c9d60ff86f8d49ba2f1
SHA-256: 1ed6b9cdd8d8d61f3f4d44fe401e3112935e082b85a7c5174496f6450403266a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: c62fa82af152974843ac2561dc87512c
SHA-256: ee64086d198963f18ce12342309aabb339536c194ea7bc59025b6f1f1be0b8d8
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.i386.rpm
File outdated by:  RHSA-2011:0857
    MD5: fdd791f494242011b91d8adf452cb063
SHA-256: 38aaddc5eb7d053adaeac4c758ecb458b4f3f9663ff0d444273f41ec94d15b1e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 77fea983318c3d99b95953b74ffbaa2d
SHA-256: 36e6aba84329588b4766d8c606bcbecc7417572daefb46b77b659086201b4b3f
java-1.6.0-openjdk-demo-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 8d55a86579a1b6a9c3caa00f02566b5d
SHA-256: 77dccf1a57320cad591c0e2f06173f84300e4a446a075e1201efc414d35792ac
java-1.6.0-openjdk-devel-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: dd6a1ab714295a5f142e8f3717fe3239
SHA-256: e08ec55f5706ce7c9136ad5ab34513cfcf5c89ad1e55b4356f8296a081801e2c
java-1.6.0-openjdk-javadoc-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 2353920c9ef1c9c68ad9fcad690aaffb
SHA-256: 6231463213ceb0d56a6a05c8780043248f931064f6902365b55cab5fcd4a51d9
java-1.6.0-openjdk-src-1.6.0.0-1.20.b17.el5.x86_64.rpm
File outdated by:  RHSA-2011:0857
    MD5: 8c741872e06191a061eff4d50f7c2aa8
SHA-256: 09191f8f80a072b12a25b32693926e65885b145687032ec84c461bc9ea1443bd
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm
File outdated by:  RHSA-2014:0408
    MD5: 6514691bb901076e08b49bf555377e55
SHA-256: 1e7d1361457b6b71f2306d6a8e6af4e96a3a7964ac9581503005eafe9fcd1b1d
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: d806875316c1a60e209c080835012310
SHA-256: 8cba512ad54bd00d996d4f5fbf6a33806439e0dfa118f92bf8ece6c97cf52837
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 5c2ec7684f163c2cf2bec135ebf570f4
SHA-256: 93354e4d757e0a6478926a6bc8cd466e67a9247633300dc9ed86af4f0818eeb2
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: e2969457eff7707faddf66948f3121c2
SHA-256: 0d7c9c618ec56976b20eca781de6e4f7c7dd47f22be12f80257033dfc1de12d3
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 55b308e3295e856e2468c76b1103c709
SHA-256: c609c2ceb3d043bb6ec80002b8ca583541fa14ce9a26613406ba2bca90c13e37
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 3000cf91b1f59f2eb81e124c650bba99
SHA-256: a92eb112b7a6bcabae2656e397c2b9f51be6f7f3d3a10f7768843ab3e90d02cb
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: c4836a8cd002b614c39e225bb3746856
SHA-256: 154e1a3779f49d967c000529d3f74ebc2ba99eeb69827a77b191a1b42e38b79e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 83e631f0a30a889088372d9d643fbf91
SHA-256: 34525e3a2f1ca51c06a89ba8ca8d2ae0bf4c4638fcbc611be1193382d88e62cb
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 84729fb7caca453ade8ce4c297a006ca
SHA-256: a5e60a2f16bbf351f13e863cec481febf90d5948ec0efd862944df6ec3ed9e6f
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: ca2ca87d180eb02c2a772ca45cf9d1df
SHA-256: 54b67c0b445a7919eba13c063162911161df9c1292c90f4fc0eec903d98b386a
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 4204c63ea788e7515807a8559f07ef29
SHA-256: 13f79765841718aa10f57915ad371a7e7df55fd1449539c2edce65cb0ae80734
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: cb321dbdffa0a78a6a94e33bd6683796
SHA-256: 08765212a2eef95faae06eb0cb6209b6f7e537eed1f31e8620fdeefa4844a164
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: e483a66cc05461992cd5032e4ed1c312
SHA-256: af443c5b11344d48442c82483c0d077a62393257a8c2e4576c68cbc6e7e64f06
 
Red Hat Enterprise Linux Server EUS (v. 6.0.z)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm
File outdated by:  RHSA-2014:0408
    MD5: 6514691bb901076e08b49bf555377e55
SHA-256: 1e7d1361457b6b71f2306d6a8e6af4e96a3a7964ac9581503005eafe9fcd1b1d
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm     MD5: d806875316c1a60e209c080835012310
SHA-256: 8cba512ad54bd00d996d4f5fbf6a33806439e0dfa118f92bf8ece6c97cf52837
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm     MD5: 5c2ec7684f163c2cf2bec135ebf570f4
SHA-256: 93354e4d757e0a6478926a6bc8cd466e67a9247633300dc9ed86af4f0818eeb2
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm     MD5: e2969457eff7707faddf66948f3121c2
SHA-256: 0d7c9c618ec56976b20eca781de6e4f7c7dd47f22be12f80257033dfc1de12d3
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm     MD5: 55b308e3295e856e2468c76b1103c709
SHA-256: c609c2ceb3d043bb6ec80002b8ca583541fa14ce9a26613406ba2bca90c13e37
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm     MD5: 3000cf91b1f59f2eb81e124c650bba99
SHA-256: a92eb112b7a6bcabae2656e397c2b9f51be6f7f3d3a10f7768843ab3e90d02cb
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm     MD5: c4836a8cd002b614c39e225bb3746856
SHA-256: 154e1a3779f49d967c000529d3f74ebc2ba99eeb69827a77b191a1b42e38b79e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm     MD5: 83e631f0a30a889088372d9d643fbf91
SHA-256: 34525e3a2f1ca51c06a89ba8ca8d2ae0bf4c4638fcbc611be1193382d88e62cb
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm     MD5: 84729fb7caca453ade8ce4c297a006ca
SHA-256: a5e60a2f16bbf351f13e863cec481febf90d5948ec0efd862944df6ec3ed9e6f
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm     MD5: ca2ca87d180eb02c2a772ca45cf9d1df
SHA-256: 54b67c0b445a7919eba13c063162911161df9c1292c90f4fc0eec903d98b386a
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm     MD5: 4204c63ea788e7515807a8559f07ef29
SHA-256: 13f79765841718aa10f57915ad371a7e7df55fd1449539c2edce65cb0ae80734
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm     MD5: cb321dbdffa0a78a6a94e33bd6683796
SHA-256: 08765212a2eef95faae06eb0cb6209b6f7e537eed1f31e8620fdeefa4844a164
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm     MD5: e483a66cc05461992cd5032e4ed1c312
SHA-256: af443c5b11344d48442c82483c0d077a62393257a8c2e4576c68cbc6e7e64f06
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.src.rpm
File outdated by:  RHSA-2014:0408
    MD5: 6514691bb901076e08b49bf555377e55
SHA-256: 1e7d1361457b6b71f2306d6a8e6af4e96a3a7964ac9581503005eafe9fcd1b1d
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: d806875316c1a60e209c080835012310
SHA-256: 8cba512ad54bd00d996d4f5fbf6a33806439e0dfa118f92bf8ece6c97cf52837
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 5c2ec7684f163c2cf2bec135ebf570f4
SHA-256: 93354e4d757e0a6478926a6bc8cd466e67a9247633300dc9ed86af4f0818eeb2
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: e2969457eff7707faddf66948f3121c2
SHA-256: 0d7c9c618ec56976b20eca781de6e4f7c7dd47f22be12f80257033dfc1de12d3
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 55b308e3295e856e2468c76b1103c709
SHA-256: c609c2ceb3d043bb6ec80002b8ca583541fa14ce9a26613406ba2bca90c13e37
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: 3000cf91b1f59f2eb81e124c650bba99
SHA-256: a92eb112b7a6bcabae2656e397c2b9f51be6f7f3d3a10f7768843ab3e90d02cb
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.i686.rpm
File outdated by:  RHSA-2014:0408
    MD5: c4836a8cd002b614c39e225bb3746856
SHA-256: 154e1a3779f49d967c000529d3f74ebc2ba99eeb69827a77b191a1b42e38b79e
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 83e631f0a30a889088372d9d643fbf91
SHA-256: 34525e3a2f1ca51c06a89ba8ca8d2ae0bf4c4638fcbc611be1193382d88e62cb
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 84729fb7caca453ade8ce4c297a006ca
SHA-256: a5e60a2f16bbf351f13e863cec481febf90d5948ec0efd862944df6ec3ed9e6f
java-1.6.0-openjdk-demo-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: ca2ca87d180eb02c2a772ca45cf9d1df
SHA-256: 54b67c0b445a7919eba13c063162911161df9c1292c90f4fc0eec903d98b386a
java-1.6.0-openjdk-devel-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: 4204c63ea788e7515807a8559f07ef29
SHA-256: 13f79765841718aa10f57915ad371a7e7df55fd1449539c2edce65cb0ae80734
java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: cb321dbdffa0a78a6a94e33bd6683796
SHA-256: 08765212a2eef95faae06eb0cb6209b6f7e537eed1f31e8620fdeefa4844a164
java-1.6.0-openjdk-src-1.6.0.0-1.39.b17.el6_0.x86_64.rpm
File outdated by:  RHSA-2014:0408
    MD5: e483a66cc05461992cd5032e4ed1c312
SHA-256: af443c5b11344d48442c82483c0d077a62393257a8c2e4576c68cbc6e7e64f06
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

675942 - CVE-2010-4472 OpenJDK untrusted code allowed to replace DSIG/C14N implementation (6994263)
675958 - CVE-2010-4469 OpenJDK Hotspot verifier heap corruption (6878713)
675984 - CVE-2010-4465 OpenJDK Swing timer-based security manager bypass (6907662)
676005 - CVE-2010-4470 OpenJDK JAXP untrusted component state manipulation (6927050)
676019 - CVE-2010-4471 OpenJDK Java2D font-related system property leak (6985453)
676023 - CVE-2010-4448 OpenJDK DNS cache poisoning by untrusted applets (6981922)
676026 - CVE-2010-4450 OpenJDK Launcher incorrect processing of empty library path entries (6983554)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/