
Security Advisory Important: java-1.7.0-openjdk security update

Advisory: RHSA-2012:1223-1
Type: Security Advisory
Severity: Important
Issued on: 2012-09-03
Last updated on: 2012-09-03
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.3.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-0547
CVE-2012-1682
CVE-2012-3136
CVE-2012-4681

Details

Updated java-1.7.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.

Multiple improper permission check issues were discovered in the Beans
component in OpenJDK. An untrusted Java application or applet could use
these flaws to bypass Java sandbox restrictions. (CVE-2012-4681,
CVE-2012-1682, CVE-2012-3136)

A hardening fix was applied to the AWT component in OpenJDK, removing
functionality from the restricted SunToolkit class that was used in
combination with other flaws to bypass Java sandbox restrictions.
(CVE-2012-0547)

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
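
The restart requirement can be checked on a host once the update is installed. The script below is an added example, not part of the Red Hat advisory: it lists processes that still map the old libjvm.so, which /proc/<pid>/maps marks "(deleted)" after the package replaces the file. The proc-root argument, the sample PIDs and the library path are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the advisory): find JVMs that predate the update.
# When the updated RPM replaces libjvm.so, processes started earlier keep the
# old file mapped and /proc/<pid>/maps marks that mapping "(deleted)".

# Print the PID of every process under proc root $1 (default: /proc) that
# still maps a deleted libjvm.so. The proc-root argument is an assumption of
# this example so that it can be run against a constructed tree.
stale_jvm_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue      # unreadable entry or unmatched glob
        if grep -q '/libjvm\.so.*(deleted)$' "$maps" 2>/dev/null; then
            pid="${maps%/maps}"
            echo "${pid##*/}"
        fi
    done
}

# Build a constructed /proc-like tree: PID 4101 was started before the update
# (old libjvm.so unlinked), PID 4202 after it, PID 4303 is not a JVM at all.
# The library paths are illustrative, not taken from the advisory.
build_sample_proc() {
    jvm=/usr/lib/jvm/jre-1.7.0-openjdk.x86_64/lib/amd64/server/libjvm.so
    mkdir -p "$1/4101" "$1/4202" "$1/4303"
    printf '%s\n' \
        "00e5c000-00e7d000 rw-p 00000000 00:00 0 [heap]" \
        "7f10a0000000-7f10a0c00000 r-xp 00000000 fd:00 1312 $jvm (deleted)" \
        > "$1/4101/maps"
    printf '%s\n' \
        "7f20b0000000-7f20b0c00000 r-xp 00000000 fd:00 2412 $jvm" \
        > "$1/4202/maps"
    printf '%s\n' \
        "7f30c0000000-7f30c0200000 r-xp 00000000 fd:00 3512 /lib64/libc-2.12.so (deleted)" \
        > "$1/4303/maps"
}

# Demo on the constructed tree; on a real host call stale_jvm_pids as root.
sample_root=$(mktemp -d)
build_sample_proc "$sample_root"
echo "JVMs needing a restart: $(stale_jvm_pids "$sample_root" | tr '\n' ' ')"
rm -rf "$sample_root"
```

Run without an argument as root, the function reads the live /proc; any PID it prints is a JVM still executing the pre-update code.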


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
File outdated by:  RHSA-2014:0406
 
IA-32:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
 
x86_64:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
File outdated by:  RHSA-2014:0406
 
x86_64:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2012:1386
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
File outdated by:  RHSA-2014:0406
 
IA-32:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2012:1386
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2013:1451
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
 
x86_64:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2012:1386
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2013:1451
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
 
Red Hat Enterprise Linux Server EUS (v. 6.3.z)

SRPMS:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
File outdated by:  RHSA-2014:0406
 
IA-32:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2012:1386
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2013:0275
 
x86_64:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2012:1386
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2013:0275
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2013:0275
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
File outdated by:  RHSA-2014:0406
 
IA-32:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2012:1386
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2013:1451
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
File outdated by:  RHSA-2014:0406
 
x86_64:
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2012:1386
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
File outdated by:  RHSA-2013:1451
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
File outdated by:  RHSA-2014:0406
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

852051 - CVE-2012-4681 OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)
853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)
853138 - CVE-2012-3136 OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)
853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/