Skip to navigation

Security Advisory Important: java-1.7.0-openjdk security update

Advisory: RHSA-2012:1386-2
Type: Security Advisory
Severity: Important
Issued on: 2012-10-17
Last updated on: 2012-11-13
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.3.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-3216
CVE-2012-4416
CVE-2012-5068
CVE-2012-5069
CVE-2012-5070
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5074
CVE-2012-5075
CVE-2012-5076
CVE-2012-5077
CVE-2012-5079
CVE-2012-5081
CVE-2012-5084
CVE-2012-5085
CVE-2012-5086
CVE-2012-5087
CVE-2012-5088
CVE-2012-5089

Details

Updated java-1.7.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

[Update 13 November 2012]
The file list of this advisory was updated to move java-1.7.0-openjdk-devel
from the optional repositories to the base repositories. Additionally,
java-1.7.0-openjdk for the HPC Node variant was also moved (this package
was already in the base repositories for other product variants). No
changes have been made to the packages themselves.

These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.

Multiple improper permission check issues were discovered in the Beans,
Libraries, Swing, and JMX components in OpenJDK. An untrusted Java
application or applet could use these flaws to bypass Java sandbox
restrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084,
CVE-2012-5089)

The default Java security properties configuration did not restrict access
to certain com.sun.org.glassfish packages. An untrusted Java application
or applet could use these flaws to bypass Java sandbox restrictions. This
update lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074)

Multiple improper permission check issues were discovered in the Scripting,
JMX, Concurrency, Libraries, and Security components in OpenJDK. An
untrusted Java application or applet could use these flaws to bypass
certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071,
CVE-2012-5069, CVE-2012-5073, CVE-2012-5072)

It was discovered that java.util.ServiceLoader could create an instance of
an incompatible class while performing provider lookup. An untrusted Java
application or applet could use this flaw to bypass certain Java sandbox
restrictions. (CVE-2012-5079)

It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS
implementation did not properly handle handshake records containing an
overly large data length value. An unauthenticated, remote attacker could
possibly use this flaw to cause an SSL/TLS server to terminate with an
exception. (CVE-2012-5081)

It was discovered that the JMX component in OpenJDK could perform certain
actions in an insecure manner. An untrusted Java application or applet
could possibly use these flaws to disclose sensitive information.
(CVE-2012-5070, CVE-2012-5075)

A bug in the Java HotSpot Virtual Machine optimization code could cause it
to not perform array initialization in certain cases. An untrusted Java
application or applet could use this flaw to disclose portions of the
virtual machine's memory. (CVE-2012-4416)

It was discovered that the SecureRandom class did not properly protect
against the creation of multiple seeders. An untrusted Java application or
applet could possibly use this flaw to disclose sensitive information.
(CVE-2012-5077)

It was discovered that the java.io.FilePermission class exposed the hash
code of the canonicalized path name. An untrusted Java application or
applet could possibly use this flaw to determine certain system paths, such
as the current working directory. (CVE-2012-3216)

This update disables Gopher protocol support in the java.net package by
default. Gopher support can be enabled by setting the newly introduced
property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085)

This erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 6b57dc877ab02941e960e002c10d4a6e
SHA-256: c4fcabd79bb05ff78a7a6f8a0ec2949a41f64bee8ea699c8967087515b88d1d0
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 28a9b94d17fab739fb3d27ecb2a0e1b1
SHA-256: 55e6be59f06bcf5dc1a2f3fdfab183fd6cf947c23ca411484030aa92a091af46
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: d14af56363b6940d802380c38c6b1c86
SHA-256: e1dd3a52a20ea757b4e43a0a9577f79c3bad39b1a29955b076fd4f8b6b3bc257
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0ad7dac86b39e3719c8b4d3611851325
SHA-256: 2936eba685d706a2bbf837100b4e9bc1e127665e50b05c6f7289ef726deeeff6
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: be166f04f7b3fcf2c17ebedf21a78535
SHA-256: 1544e0cd31cc609ad2431dd893b2340741b1406d6d012663765bd71ba7f79b9e
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 9b45e79f606a4828757922d5988c62ed
SHA-256: 1a2bb1a26ae5a8425e7777b6fc3a98b467055579ef6d3f06e05069fc62bd8576
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7bf73613d6271bc3768727554deff387
SHA-256: 6587afab8db7a5ed22443e209b44243f7e456a277474d90ead742c6f32d4f300
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 99d1d11bd3b1afd0b24c5f51861be6a3
SHA-256: 3e526a16a06f6bee6f985f9dc3af284399296c5ea0eb80ec985118f19da2b6ab
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8a4bb19e10f81effecb7f6226a2b4c1c
SHA-256: ecaec5cc8309af8cbacbff6462affeb93bf8fa5cd46d5e3723c0fb98087553df
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: b5fe663e3f7b9d5ed1754fb4c9842640
SHA-256: 0a0f801c480be2692e1970def8c9f517c453dd698a96b1410ff7a3981fb68ab1
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: bfa56414f7ca3119ae29ce5f2085ab4c
SHA-256: 635458c4b27d7f32f737c0453d7bc5e0a3ddf56c72727a1b4bf1192fbdf0f1fd
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 6b57dc877ab02941e960e002c10d4a6e
SHA-256: c4fcabd79bb05ff78a7a6f8a0ec2949a41f64bee8ea699c8967087515b88d1d0
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7bf73613d6271bc3768727554deff387
SHA-256: 6587afab8db7a5ed22443e209b44243f7e456a277474d90ead742c6f32d4f300
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 99d1d11bd3b1afd0b24c5f51861be6a3
SHA-256: 3e526a16a06f6bee6f985f9dc3af284399296c5ea0eb80ec985118f19da2b6ab
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8a4bb19e10f81effecb7f6226a2b4c1c
SHA-256: ecaec5cc8309af8cbacbff6462affeb93bf8fa5cd46d5e3723c0fb98087553df
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: b5fe663e3f7b9d5ed1754fb4c9842640
SHA-256: 0a0f801c480be2692e1970def8c9f517c453dd698a96b1410ff7a3981fb68ab1
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: bfa56414f7ca3119ae29ce5f2085ab4c
SHA-256: 635458c4b27d7f32f737c0453d7bc5e0a3ddf56c72727a1b4bf1192fbdf0f1fd
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 6b57dc877ab02941e960e002c10d4a6e
SHA-256: c4fcabd79bb05ff78a7a6f8a0ec2949a41f64bee8ea699c8967087515b88d1d0
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 28a9b94d17fab739fb3d27ecb2a0e1b1
SHA-256: 55e6be59f06bcf5dc1a2f3fdfab183fd6cf947c23ca411484030aa92a091af46
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: d14af56363b6940d802380c38c6b1c86
SHA-256: e1dd3a52a20ea757b4e43a0a9577f79c3bad39b1a29955b076fd4f8b6b3bc257
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0ad7dac86b39e3719c8b4d3611851325
SHA-256: 2936eba685d706a2bbf837100b4e9bc1e127665e50b05c6f7289ef726deeeff6
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: be166f04f7b3fcf2c17ebedf21a78535
SHA-256: 1544e0cd31cc609ad2431dd893b2340741b1406d6d012663765bd71ba7f79b9e
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 9b45e79f606a4828757922d5988c62ed
SHA-256: 1a2bb1a26ae5a8425e7777b6fc3a98b467055579ef6d3f06e05069fc62bd8576
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7bf73613d6271bc3768727554deff387
SHA-256: 6587afab8db7a5ed22443e209b44243f7e456a277474d90ead742c6f32d4f300
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 99d1d11bd3b1afd0b24c5f51861be6a3
SHA-256: 3e526a16a06f6bee6f985f9dc3af284399296c5ea0eb80ec985118f19da2b6ab
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8a4bb19e10f81effecb7f6226a2b4c1c
SHA-256: ecaec5cc8309af8cbacbff6462affeb93bf8fa5cd46d5e3723c0fb98087553df
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: b5fe663e3f7b9d5ed1754fb4c9842640
SHA-256: 0a0f801c480be2692e1970def8c9f517c453dd698a96b1410ff7a3981fb68ab1
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: bfa56414f7ca3119ae29ce5f2085ab4c
SHA-256: 635458c4b27d7f32f737c0453d7bc5e0a3ddf56c72727a1b4bf1192fbdf0f1fd
 
Red Hat Enterprise Linux Server EUS (v. 6.3.z)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 6b57dc877ab02941e960e002c10d4a6e
SHA-256: c4fcabd79bb05ff78a7a6f8a0ec2949a41f64bee8ea699c8967087515b88d1d0
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2013:0275
    MD5: 28a9b94d17fab739fb3d27ecb2a0e1b1
SHA-256: 55e6be59f06bcf5dc1a2f3fdfab183fd6cf947c23ca411484030aa92a091af46
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2013:0275
    MD5: d14af56363b6940d802380c38c6b1c86
SHA-256: e1dd3a52a20ea757b4e43a0a9577f79c3bad39b1a29955b076fd4f8b6b3bc257
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2013:0275
    MD5: 0ad7dac86b39e3719c8b4d3611851325
SHA-256: 2936eba685d706a2bbf837100b4e9bc1e127665e50b05c6f7289ef726deeeff6
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2013:0275
    MD5: be166f04f7b3fcf2c17ebedf21a78535
SHA-256: 1544e0cd31cc609ad2431dd893b2340741b1406d6d012663765bd71ba7f79b9e
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2013:0275
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2013:0275
    MD5: 9b45e79f606a4828757922d5988c62ed
SHA-256: 1a2bb1a26ae5a8425e7777b6fc3a98b467055579ef6d3f06e05069fc62bd8576
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2013:0275
    MD5: 7bf73613d6271bc3768727554deff387
SHA-256: 6587afab8db7a5ed22443e209b44243f7e456a277474d90ead742c6f32d4f300
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2013:0275
    MD5: 99d1d11bd3b1afd0b24c5f51861be6a3
SHA-256: 3e526a16a06f6bee6f985f9dc3af284399296c5ea0eb80ec985118f19da2b6ab
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2013:0275
    MD5: 8a4bb19e10f81effecb7f6226a2b4c1c
SHA-256: ecaec5cc8309af8cbacbff6462affeb93bf8fa5cd46d5e3723c0fb98087553df
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2013:0275
    MD5: b5fe663e3f7b9d5ed1754fb4c9842640
SHA-256: 0a0f801c480be2692e1970def8c9f517c453dd698a96b1410ff7a3981fb68ab1
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2013:0275
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2013:0275
    MD5: bfa56414f7ca3119ae29ce5f2085ab4c
SHA-256: 635458c4b27d7f32f737c0453d7bc5e0a3ddf56c72727a1b4bf1192fbdf0f1fd
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 6b57dc877ab02941e960e002c10d4a6e
SHA-256: c4fcabd79bb05ff78a7a6f8a0ec2949a41f64bee8ea699c8967087515b88d1d0
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 28a9b94d17fab739fb3d27ecb2a0e1b1
SHA-256: 55e6be59f06bcf5dc1a2f3fdfab183fd6cf947c23ca411484030aa92a091af46
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: d14af56363b6940d802380c38c6b1c86
SHA-256: e1dd3a52a20ea757b4e43a0a9577f79c3bad39b1a29955b076fd4f8b6b3bc257
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 0ad7dac86b39e3719c8b4d3611851325
SHA-256: 2936eba685d706a2bbf837100b4e9bc1e127665e50b05c6f7289ef726deeeff6
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: be166f04f7b3fcf2c17ebedf21a78535
SHA-256: 1544e0cd31cc609ad2431dd893b2340741b1406d6d012663765bd71ba7f79b9e
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 9b45e79f606a4828757922d5988c62ed
SHA-256: 1a2bb1a26ae5a8425e7777b6fc3a98b467055579ef6d3f06e05069fc62bd8576
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7bf73613d6271bc3768727554deff387
SHA-256: 6587afab8db7a5ed22443e209b44243f7e456a277474d90ead742c6f32d4f300
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 99d1d11bd3b1afd0b24c5f51861be6a3
SHA-256: 3e526a16a06f6bee6f985f9dc3af284399296c5ea0eb80ec985118f19da2b6ab
java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8a4bb19e10f81effecb7f6226a2b4c1c
SHA-256: ecaec5cc8309af8cbacbff6462affeb93bf8fa5cd46d5e3723c0fb98087553df
java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: b5fe663e3f7b9d5ed1754fb4c9842640
SHA-256: 0a0f801c480be2692e1970def8c9f517c453dd698a96b1410ff7a3981fb68ab1
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: dd43cce3a59d2ebb88f204ba415609c3
SHA-256: e5cbf0b18f4a284e7816c0a9d13e98be6a4b720098a5bc37e1c7be6897a64e62
java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: bfa56414f7ca3119ae29ce5f2085ab4c
SHA-256: 635458c4b27d7f32f737c0453d7bc5e0a3ddf56c72727a1b4bf1192fbdf0f1fd
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)
865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)
865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)
865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796)
865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198)
865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)
865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884)
865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887)
865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)
865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)
865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286)
865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)
865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549)
865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190)
865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)
865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)
865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103)
865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567)
865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/