Skip to navigation

Security Advisory Important: java-1.7.0-openjdk security update

Advisory: RHSA-2013:0275-1
Type: Security Advisory
Severity: Important
Issued on: 2013-02-20
Last updated on: 2013-02-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux EUS (v. 5.9.z server)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Long Life (v. 5.9 server)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.3.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-0169
CVE-2013-1484
CVE-2013-1485
CVE-2013-1486

Details

Updated java-1.7.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.

Multiple improper permission check issues were discovered in the JMX and
Libraries components in OpenJDK. An untrusted Java application or applet
could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1486,
CVE-2013-1484)

An improper permission check issue was discovered in the Libraries
component in OpenJDK. An untrusted Java application or applet could use
this flaw to bypass certain Java sandbox restrictions. (CVE-2013-1485)

It was discovered that OpenJDK leaked timing information when decrypting
TLS/SSL protocol encrypted records when CBC-mode cipher suites were used.
A remote attacker could possibly use this flaw to retrieve plain text from
the encrypted packets by using a TLS/SSL server as a padding oracle.
(CVE-2013-0169)

This erratum also upgrades the OpenJDK package to IcedTea7 2.3.7. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.src.rpm
File outdated by:  RHBA-2013:1005
    MD5: 9554657a22dffa37731644d5347ae560
SHA-256: eafa75caf47c5d2a9263c065629b7411ddd308b6a88bac0f3a058294bfb7132a
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 109ee4b1f5ed925bcaa3daea4fb92274
SHA-256: 220413a6181fe7782385760e6e1bb17da4f125d48adb28d697e220ba398695b1
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 8433cd0788729262ae707f908b4e91d7
SHA-256: 4b9c372b5f6ad8d881b52f50b52a3a5a46df8e40e165ed9c684a56ad2f2f9cca
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: cb97bd57a37f2e933e5eeb923b56d142
SHA-256: 00eca183e7b0d65a37096819987585c3bf00b70b30e5b40427d5cb0c8f44ad67
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 0edb4a38bcaabfaae254c42f02ec4847
SHA-256: 6c7b61dde4801b68d223bd978bc9f4ae0dbf723b7053fa13b6a382cb5cfb076d
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 85f38dbd49b4df0139d78d885748f959
SHA-256: 46302fcdf2bc201277ae2436a74546d01bb1152619408acca68190d753ef87df
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 6b8a755a65b480ba976f4e30912bf403
SHA-256: 24e71861cd42b9bc03dd6743068fa39773daeb0c1f98b8b6674aa3cdcb5aef55
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: 99ec30dc46834bfe7d3af16d0195d25f
SHA-256: 94c244cd67e59e08a7a65e0e610097c19f66012775582843c537d5df3f05aa34
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: dc64a8df044f1e44eda11c826a5f726f
SHA-256: 9da99c2a6d23e117baa0fb6d6582bc2bbdd4746bac59cca0c68aee49a155b918
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: 9ef05c21a17fb3e29c790ae228219afe
SHA-256: 26f10ed139b1be9d60c5df9b140f96261eb86176d4fdb2d2cdf88863a764d4f2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: e5d122ae743bc1b5f2bdd402eb956b50
SHA-256: f97dfb5007bd685b5c52ca8a686a58adf0290afb42655884e57bc57f676f8c0a
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: ed1606a97cd55d307a95284001b6424c
SHA-256: ca683260d9602ea87f1268ce3e0672deb03d7d2f76c3a4f6b1829cc45e577ece
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: 4162dc779adaee666852969164107008
SHA-256: edf326fe94763ddab6141adb039971a458ccd26a1b2ec150cecee85acd86c44b
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.src.rpm
File outdated by:  RHBA-2013:1005
    MD5: 9554657a22dffa37731644d5347ae560
SHA-256: eafa75caf47c5d2a9263c065629b7411ddd308b6a88bac0f3a058294bfb7132a
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 109ee4b1f5ed925bcaa3daea4fb92274
SHA-256: 220413a6181fe7782385760e6e1bb17da4f125d48adb28d697e220ba398695b1
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 8433cd0788729262ae707f908b4e91d7
SHA-256: 4b9c372b5f6ad8d881b52f50b52a3a5a46df8e40e165ed9c684a56ad2f2f9cca
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: cb97bd57a37f2e933e5eeb923b56d142
SHA-256: 00eca183e7b0d65a37096819987585c3bf00b70b30e5b40427d5cb0c8f44ad67
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 0edb4a38bcaabfaae254c42f02ec4847
SHA-256: 6c7b61dde4801b68d223bd978bc9f4ae0dbf723b7053fa13b6a382cb5cfb076d
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 85f38dbd49b4df0139d78d885748f959
SHA-256: 46302fcdf2bc201277ae2436a74546d01bb1152619408acca68190d753ef87df
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHSA-2014:0407
    MD5: 6b8a755a65b480ba976f4e30912bf403
SHA-256: 24e71861cd42b9bc03dd6743068fa39773daeb0c1f98b8b6674aa3cdcb5aef55
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: 99ec30dc46834bfe7d3af16d0195d25f
SHA-256: 94c244cd67e59e08a7a65e0e610097c19f66012775582843c537d5df3f05aa34
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: dc64a8df044f1e44eda11c826a5f726f
SHA-256: 9da99c2a6d23e117baa0fb6d6582bc2bbdd4746bac59cca0c68aee49a155b918
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: 9ef05c21a17fb3e29c790ae228219afe
SHA-256: 26f10ed139b1be9d60c5df9b140f96261eb86176d4fdb2d2cdf88863a764d4f2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: e5d122ae743bc1b5f2bdd402eb956b50
SHA-256: f97dfb5007bd685b5c52ca8a686a58adf0290afb42655884e57bc57f676f8c0a
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: ed1606a97cd55d307a95284001b6424c
SHA-256: ca683260d9602ea87f1268ce3e0672deb03d7d2f76c3a4f6b1829cc45e577ece
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHSA-2014:0407
    MD5: 4162dc779adaee666852969164107008
SHA-256: edf326fe94763ddab6141adb039971a458ccd26a1b2ec150cecee85acd86c44b
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7e19dd440528936e3e9e30aa9d9ae3f7
SHA-256: 31ce97fb7343dd420d3b1a71667b2cce118eac2463bf6cdd3d9c05ea8ae861e8
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 22c90f6ba5457f60496adb1cc5331bfa
SHA-256: c231650324872368363942beae7ef4018a4e6c51984f49da4e256a78dea89ec7
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 1327cddf55c6efdeff2bce341e693471
SHA-256: 0ae4c6cf4aa8700c94437b5b7d1b93ee3b5d8b551647bd5fe036ab35f8892094
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 869d47542bf2fdabea8d9813c3554b7f
SHA-256: 3f51074ddecaefa19033079ac6e1bb82e1ea4a4f70adf4139a440861d430a0db
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 3e1c097f219c2cbff1562635673d234f
SHA-256: 5e6b9eed0dad9cbc3eb7b59149aad062abd6a1ff4c08de0ae142e723bb14bb25
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: b378af95ec1cb9559f78478f3217e052
SHA-256: 7fbf82f4c0960c482a2ece9f1f4e47250adca87d71258f723bfee4e2ee1f6958
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 428b253c8cf6ba359b6587927ac6786f
SHA-256: b52e970b241afe7c153c55b95e5ede3c29e976a55ec8d5e066dd78dcb3248393
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7881ff81a2a186d56e6bf26760e9dec9
SHA-256: 6434c514be6e26be953244897a09dfa5328e3f5e3b09027cb897d795b78a1247
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 046fbbe6575ba7c789c6366f19bee52d
SHA-256: bc64a1aadee19ca8714faf5333931979a9e490773f1f105cbad283ff3b767662
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 1760174fd9f2f034ec6720b50d252e47
SHA-256: 2e64dbfcd46d1f838375c796ed69f8be8f9f0cf3af5c84bd4fd0fd2462b9d82f
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8aad4d88274133f2a932ff4bb6db90d3
SHA-256: 4dc4e1dbf5fa7ac2da045455ece2c4d9240c103a07098afaa92f77d2bd048848
 
Red Hat Enterprise Linux EUS (v. 5.9.z server)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.src.rpm
File outdated by:  RHBA-2013:1005
    MD5: 9554657a22dffa37731644d5347ae560
SHA-256: eafa75caf47c5d2a9263c065629b7411ddd308b6a88bac0f3a058294bfb7132a
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 109ee4b1f5ed925bcaa3daea4fb92274
SHA-256: 220413a6181fe7782385760e6e1bb17da4f125d48adb28d697e220ba398695b1
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 8433cd0788729262ae707f908b4e91d7
SHA-256: 4b9c372b5f6ad8d881b52f50b52a3a5a46df8e40e165ed9c684a56ad2f2f9cca
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: cb97bd57a37f2e933e5eeb923b56d142
SHA-256: 00eca183e7b0d65a37096819987585c3bf00b70b30e5b40427d5cb0c8f44ad67
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 0edb4a38bcaabfaae254c42f02ec4847
SHA-256: 6c7b61dde4801b68d223bd978bc9f4ae0dbf723b7053fa13b6a382cb5cfb076d
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 85f38dbd49b4df0139d78d885748f959
SHA-256: 46302fcdf2bc201277ae2436a74546d01bb1152619408acca68190d753ef87df
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 6b8a755a65b480ba976f4e30912bf403
SHA-256: 24e71861cd42b9bc03dd6743068fa39773daeb0c1f98b8b6674aa3cdcb5aef55
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: 99ec30dc46834bfe7d3af16d0195d25f
SHA-256: 94c244cd67e59e08a7a65e0e610097c19f66012775582843c537d5df3f05aa34
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: dc64a8df044f1e44eda11c826a5f726f
SHA-256: 9da99c2a6d23e117baa0fb6d6582bc2bbdd4746bac59cca0c68aee49a155b918
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: 9ef05c21a17fb3e29c790ae228219afe
SHA-256: 26f10ed139b1be9d60c5df9b140f96261eb86176d4fdb2d2cdf88863a764d4f2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: e5d122ae743bc1b5f2bdd402eb956b50
SHA-256: f97dfb5007bd685b5c52ca8a686a58adf0290afb42655884e57bc57f676f8c0a
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: ed1606a97cd55d307a95284001b6424c
SHA-256: ca683260d9602ea87f1268ce3e0672deb03d7d2f76c3a4f6b1829cc45e577ece
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: 4162dc779adaee666852969164107008
SHA-256: edf326fe94763ddab6141adb039971a458ccd26a1b2ec150cecee85acd86c44b
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7e19dd440528936e3e9e30aa9d9ae3f7
SHA-256: 31ce97fb7343dd420d3b1a71667b2cce118eac2463bf6cdd3d9c05ea8ae861e8
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 428b253c8cf6ba359b6587927ac6786f
SHA-256: b52e970b241afe7c153c55b95e5ede3c29e976a55ec8d5e066dd78dcb3248393
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7881ff81a2a186d56e6bf26760e9dec9
SHA-256: 6434c514be6e26be953244897a09dfa5328e3f5e3b09027cb897d795b78a1247
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 046fbbe6575ba7c789c6366f19bee52d
SHA-256: bc64a1aadee19ca8714faf5333931979a9e490773f1f105cbad283ff3b767662
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 1760174fd9f2f034ec6720b50d252e47
SHA-256: 2e64dbfcd46d1f838375c796ed69f8be8f9f0cf3af5c84bd4fd0fd2462b9d82f
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm
File outdated by:  RHSA-2014:0406
    MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8aad4d88274133f2a932ff4bb6db90d3
SHA-256: 4dc4e1dbf5fa7ac2da045455ece2c4d9240c103a07098afaa92f77d2bd048848
 
Red Hat Enterprise Linux Long Life (v. 5.9 server)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.src.rpm
File outdated by:  RHBA-2013:1005
    MD5: 9554657a22dffa37731644d5347ae560
SHA-256: eafa75caf47c5d2a9263c065629b7411ddd308b6a88bac0f3a058294bfb7132a
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 109ee4b1f5ed925bcaa3daea4fb92274
SHA-256: 220413a6181fe7782385760e6e1bb17da4f125d48adb28d697e220ba398695b1
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 8433cd0788729262ae707f908b4e91d7
SHA-256: 4b9c372b5f6ad8d881b52f50b52a3a5a46df8e40e165ed9c684a56ad2f2f9cca
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: cb97bd57a37f2e933e5eeb923b56d142
SHA-256: 00eca183e7b0d65a37096819987585c3bf00b70b30e5b40427d5cb0c8f44ad67
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 0edb4a38bcaabfaae254c42f02ec4847
SHA-256: 6c7b61dde4801b68d223bd978bc9f4ae0dbf723b7053fa13b6a382cb5cfb076d
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 85f38dbd49b4df0139d78d885748f959
SHA-256: 46302fcdf2bc201277ae2436a74546d01bb1152619408acca68190d753ef87df
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.i386.rpm
File outdated by:  RHBA-2013:1005
    MD5: 6b8a755a65b480ba976f4e30912bf403
SHA-256: 24e71861cd42b9bc03dd6743068fa39773daeb0c1f98b8b6674aa3cdcb5aef55
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: 99ec30dc46834bfe7d3af16d0195d25f
SHA-256: 94c244cd67e59e08a7a65e0e610097c19f66012775582843c537d5df3f05aa34
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: dc64a8df044f1e44eda11c826a5f726f
SHA-256: 9da99c2a6d23e117baa0fb6d6582bc2bbdd4746bac59cca0c68aee49a155b918
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: 9ef05c21a17fb3e29c790ae228219afe
SHA-256: 26f10ed139b1be9d60c5df9b140f96261eb86176d4fdb2d2cdf88863a764d4f2
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: e5d122ae743bc1b5f2bdd402eb956b50
SHA-256: f97dfb5007bd685b5c52ca8a686a58adf0290afb42655884e57bc57f676f8c0a
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: ed1606a97cd55d307a95284001b6424c
SHA-256: ca683260d9602ea87f1268ce3e0672deb03d7d2f76c3a4f6b1829cc45e577ece
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el5_9.x86_64.rpm
File outdated by:  RHBA-2013:1005
    MD5: 4162dc779adaee666852969164107008
SHA-256: edf326fe94763ddab6141adb039971a458ccd26a1b2ec150cecee85acd86c44b
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7e19dd440528936e3e9e30aa9d9ae3f7
SHA-256: 31ce97fb7343dd420d3b1a71667b2cce118eac2463bf6cdd3d9c05ea8ae861e8
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 22c90f6ba5457f60496adb1cc5331bfa
SHA-256: c231650324872368363942beae7ef4018a4e6c51984f49da4e256a78dea89ec7
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 1327cddf55c6efdeff2bce341e693471
SHA-256: 0ae4c6cf4aa8700c94437b5b7d1b93ee3b5d8b551647bd5fe036ab35f8892094
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 869d47542bf2fdabea8d9813c3554b7f
SHA-256: 3f51074ddecaefa19033079ac6e1bb82e1ea4a4f70adf4139a440861d430a0db
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 3e1c097f219c2cbff1562635673d234f
SHA-256: 5e6b9eed0dad9cbc3eb7b59149aad062abd6a1ff4c08de0ae142e723bb14bb25
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: b378af95ec1cb9559f78478f3217e052
SHA-256: 7fbf82f4c0960c482a2ece9f1f4e47250adca87d71258f723bfee4e2ee1f6958
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 428b253c8cf6ba359b6587927ac6786f
SHA-256: b52e970b241afe7c153c55b95e5ede3c29e976a55ec8d5e066dd78dcb3248393
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7881ff81a2a186d56e6bf26760e9dec9
SHA-256: 6434c514be6e26be953244897a09dfa5328e3f5e3b09027cb897d795b78a1247
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 046fbbe6575ba7c789c6366f19bee52d
SHA-256: bc64a1aadee19ca8714faf5333931979a9e490773f1f105cbad283ff3b767662
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 1760174fd9f2f034ec6720b50d252e47
SHA-256: 2e64dbfcd46d1f838375c796ed69f8be8f9f0cf3af5c84bd4fd0fd2462b9d82f
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8aad4d88274133f2a932ff4bb6db90d3
SHA-256: 4dc4e1dbf5fa7ac2da045455ece2c4d9240c103a07098afaa92f77d2bd048848
 
Red Hat Enterprise Linux Server EUS (v. 6.3.z)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7e19dd440528936e3e9e30aa9d9ae3f7
SHA-256: 31ce97fb7343dd420d3b1a71667b2cce118eac2463bf6cdd3d9c05ea8ae861e8
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.i686.rpm     MD5: 22c90f6ba5457f60496adb1cc5331bfa
SHA-256: c231650324872368363942beae7ef4018a4e6c51984f49da4e256a78dea89ec7
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.i686.rpm     MD5: 1327cddf55c6efdeff2bce341e693471
SHA-256: 0ae4c6cf4aa8700c94437b5b7d1b93ee3b5d8b551647bd5fe036ab35f8892094
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.i686.rpm     MD5: 869d47542bf2fdabea8d9813c3554b7f
SHA-256: 3f51074ddecaefa19033079ac6e1bb82e1ea4a4f70adf4139a440861d430a0db
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.i686.rpm     MD5: 3e1c097f219c2cbff1562635673d234f
SHA-256: 5e6b9eed0dad9cbc3eb7b59149aad062abd6a1ff4c08de0ae142e723bb14bb25
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm     MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.i686.rpm     MD5: b378af95ec1cb9559f78478f3217e052
SHA-256: 7fbf82f4c0960c482a2ece9f1f4e47250adca87d71258f723bfee4e2ee1f6958
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm     MD5: 428b253c8cf6ba359b6587927ac6786f
SHA-256: b52e970b241afe7c153c55b95e5ede3c29e976a55ec8d5e066dd78dcb3248393
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm     MD5: 7881ff81a2a186d56e6bf26760e9dec9
SHA-256: 6434c514be6e26be953244897a09dfa5328e3f5e3b09027cb897d795b78a1247
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm     MD5: 046fbbe6575ba7c789c6366f19bee52d
SHA-256: bc64a1aadee19ca8714faf5333931979a9e490773f1f105cbad283ff3b767662
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm     MD5: 1760174fd9f2f034ec6720b50d252e47
SHA-256: 2e64dbfcd46d1f838375c796ed69f8be8f9f0cf3af5c84bd4fd0fd2462b9d82f
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm     MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm     MD5: 8aad4d88274133f2a932ff4bb6db90d3
SHA-256: 4dc4e1dbf5fa7ac2da045455ece2c4d9240c103a07098afaa92f77d2bd048848
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.src.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7e19dd440528936e3e9e30aa9d9ae3f7
SHA-256: 31ce97fb7343dd420d3b1a71667b2cce118eac2463bf6cdd3d9c05ea8ae861e8
 
IA-32:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 22c90f6ba5457f60496adb1cc5331bfa
SHA-256: c231650324872368363942beae7ef4018a4e6c51984f49da4e256a78dea89ec7
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 1327cddf55c6efdeff2bce341e693471
SHA-256: 0ae4c6cf4aa8700c94437b5b7d1b93ee3b5d8b551647bd5fe036ab35f8892094
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 869d47542bf2fdabea8d9813c3554b7f
SHA-256: 3f51074ddecaefa19033079ac6e1bb82e1ea4a4f70adf4139a440861d430a0db
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: 3e1c097f219c2cbff1562635673d234f
SHA-256: 5e6b9eed0dad9cbc3eb7b59149aad062abd6a1ff4c08de0ae142e723bb14bb25
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.i686.rpm
File outdated by:  RHSA-2014:0406
    MD5: b378af95ec1cb9559f78478f3217e052
SHA-256: 7fbf82f4c0960c482a2ece9f1f4e47250adca87d71258f723bfee4e2ee1f6958
 
x86_64:
java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 428b253c8cf6ba359b6587927ac6786f
SHA-256: b52e970b241afe7c153c55b95e5ede3c29e976a55ec8d5e066dd78dcb3248393
java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 7881ff81a2a186d56e6bf26760e9dec9
SHA-256: 6434c514be6e26be953244897a09dfa5328e3f5e3b09027cb897d795b78a1247
java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 046fbbe6575ba7c789c6366f19bee52d
SHA-256: bc64a1aadee19ca8714faf5333931979a9e490773f1f105cbad283ff3b767662
java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 1760174fd9f2f034ec6720b50d252e47
SHA-256: 2e64dbfcd46d1f838375c796ed69f8be8f9f0cf3af5c84bd4fd0fd2462b9d82f
java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpm
File outdated by:  RHSA-2013:1451
    MD5: 10d45c26d42087a15b1d0a2d90173db4
SHA-256: 4fb5e034ad7c4ab932010d0dbe7b8c96d866b4e2bd4b0202f1fbbb5427f2509d
java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.x86_64.rpm
File outdated by:  RHSA-2014:0406
    MD5: 8aad4d88274133f2a932ff4bb6db90d3
SHA-256: 4dc4e1dbf5fa7ac2da045455ece2c4d9240c103a07098afaa92f77d2bd048848
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)
913014 - CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446)
913021 - CVE-2013-1484 OpenJDK: MethodHandleProxies insufficient privilege checks (Libraries, 8004937)
913025 - CVE-2013-1485 OpenJDK: MethodHandles insufficient privilege checks (Libraries, 8006439)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/