Skip to navigation

Security Advisory Critical: java-1.7.0-oracle security update

Advisory: RHSA-2013:1440-3
Type: Security Advisory
Severity: Critical
Issued on: 2013-10-17
Last updated on: 2013-10-23
Affected Products: RHEL Desktop Supplementary (v. 5 client)
RHEL Supplementary (v. 5 server)
Red Hat Enterprise Linux Desktop Supplementary (v. 6)
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary AUS (v. 6.4)
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation Supplementary (v. 6)
CVEs (cve.mitre.org): CVE-2013-3829
CVE-2013-4002
CVE-2013-5772
CVE-2013-5774
CVE-2013-5775
CVE-2013-5776
CVE-2013-5777
CVE-2013-5778
CVE-2013-5780
CVE-2013-5782
CVE-2013-5783
CVE-2013-5784
CVE-2013-5787
CVE-2013-5788
CVE-2013-5789
CVE-2013-5790
CVE-2013-5797
CVE-2013-5800
CVE-2013-5801
CVE-2013-5802
CVE-2013-5803
CVE-2013-5804
CVE-2013-5809
CVE-2013-5810
CVE-2013-5812
CVE-2013-5814
CVE-2013-5817
CVE-2013-5818
CVE-2013-5819
CVE-2013-5820
CVE-2013-5823
CVE-2013-5824
CVE-2013-5825
CVE-2013-5829
CVE-2013-5830
CVE-2013-5831
CVE-2013-5832
CVE-2013-5838
CVE-2013-5840
CVE-2013-5842
CVE-2013-5843
CVE-2013-5844
CVE-2013-5846
CVE-2013-5848
CVE-2013-5849
CVE-2013-5850
CVE-2013-5851
CVE-2013-5852
CVE-2013-5854

Details

Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

[Updated 23rd October 2013]
The package list in this erratum has been updated to make the packages
available in the Red Hat Enterprise Linux 5 Desktop Supplementary channels
on the Red Hat Network.

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5775,
CVE-2013-5776, CVE-2013-5777, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782,
CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5788, CVE-2013-5789,
CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5801, CVE-2013-5802,
CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5810, CVE-2013-5812,
CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820,
CVE-2013-5823, CVE-2013-5824, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830,
CVE-2013-5831, CVE-2013-5832, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842,
CVE-2013-5843, CVE-2013-5844, CVE-2013-5846, CVE-2013-5848, CVE-2013-5849,
CVE-2013-5850, CVE-2013-5851, CVE-2013-5852, CVE-2013-5854)

All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 45 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

RHEL Desktop Supplementary (v. 5 client)

SRPMS:
java-1.7.0-oracle-1.7.0.45-1jpp.1.el5_10.src.rpm
File outdated by:  RHSA-2014:0412
    MD5: 33d9308be5876a48b7c7e8f818a1451f
SHA-256: 34b5e81b5087a8ac484724ad2d89bed15f3f8c01b95b09908745611d4487720e
 
IA-32:
java-1.7.0-oracle-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 103febf5e2d7f41b392a1939bd5600e7
SHA-256: db90b3a0eac4492633601da6b4b060ee3e558d32e45838165f0044ec7d1ea4c7
java-1.7.0-oracle-devel-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 132086e4003aacf1d85a4976e8196550
SHA-256: 79856604a28480a602cd7c61fcb8cb4060ff33615bc88cf61f93a28024f52d45
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 389e97f8ffa510ef0f2ec15d2e3bba90
SHA-256: 976bffb4f586ae26a9db9165cafcfdee3780ae8d5f273f27ca030fb2089b006c
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 65839fd85b3edbde9531fa126b78c701
SHA-256: db372a85de834b3e3e135c1314f6104a53e38ba98e1524dae6989e18a712e059
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 3b0f756ba3a5a3a78a572a2c9658ec93
SHA-256: 069327b68a742ca92f1fe53417524050993f0cb85e1c5b8d8951b3c698ff913d
java-1.7.0-oracle-src-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 778629a4d70d73155f485eb1cf72ac4c
SHA-256: 314d2b6c3fe29f9d545f5d4581194d6cac612d7695fce663c4339766b54822ec
 
x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5650785ec9fc0630f9d917e489005ef7
SHA-256: 4f88326b7f5c530256423f6afce3ef5047b1fc75dd64ef2ba8d28d324f6e7b92
java-1.7.0-oracle-devel-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 9c07a08c6491ea05551e1c0f4badf288
SHA-256: 6e4c358eadbab9ae5bee2625281f527ac9d12dbf869a7194bd08c1e003446f1b
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5c7d25cb9b8a0b86919d5ef94e15313f
SHA-256: 9caed8ac696c277cad174aaca999e11d0af6623400f1d25c35c0ae9210f34741
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 32b867e7abf8de33d6db7b1b75456573
SHA-256: 75ae98f5098a323232aabb1e39c093eec136dd18356f81563eb9563b9a8b61d7
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6b06df85465115d20272d39a60ce9e88
SHA-256: ae423a83504eec1cdecef631e4ef996d80861ebc2def101c8c8a9956a3812a6d
java-1.7.0-oracle-src-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e3ac1d48bbe173252dc689aa7f91bd9f
SHA-256: 72a321bb3fb16fe9fd762b86458443506c3fb35f6c1e72d0e8f7b7649eb8f41f
 
RHEL Supplementary (v. 5 server)

SRPMS:
java-1.7.0-oracle-1.7.0.45-1jpp.1.el5_10.src.rpm
File outdated by:  RHSA-2014:0412
    MD5: 33d9308be5876a48b7c7e8f818a1451f
SHA-256: 34b5e81b5087a8ac484724ad2d89bed15f3f8c01b95b09908745611d4487720e
 
IA-32:
java-1.7.0-oracle-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 103febf5e2d7f41b392a1939bd5600e7
SHA-256: db90b3a0eac4492633601da6b4b060ee3e558d32e45838165f0044ec7d1ea4c7
java-1.7.0-oracle-devel-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 132086e4003aacf1d85a4976e8196550
SHA-256: 79856604a28480a602cd7c61fcb8cb4060ff33615bc88cf61f93a28024f52d45
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 389e97f8ffa510ef0f2ec15d2e3bba90
SHA-256: 976bffb4f586ae26a9db9165cafcfdee3780ae8d5f273f27ca030fb2089b006c
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 65839fd85b3edbde9531fa126b78c701
SHA-256: db372a85de834b3e3e135c1314f6104a53e38ba98e1524dae6989e18a712e059
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 3b0f756ba3a5a3a78a572a2c9658ec93
SHA-256: 069327b68a742ca92f1fe53417524050993f0cb85e1c5b8d8951b3c698ff913d
java-1.7.0-oracle-src-1.7.0.45-1jpp.1.el5_10.i386.rpm
File outdated by:  RHSA-2014:0412
    MD5: 778629a4d70d73155f485eb1cf72ac4c
SHA-256: 314d2b6c3fe29f9d545f5d4581194d6cac612d7695fce663c4339766b54822ec
 
x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5650785ec9fc0630f9d917e489005ef7
SHA-256: 4f88326b7f5c530256423f6afce3ef5047b1fc75dd64ef2ba8d28d324f6e7b92
java-1.7.0-oracle-devel-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 9c07a08c6491ea05551e1c0f4badf288
SHA-256: 6e4c358eadbab9ae5bee2625281f527ac9d12dbf869a7194bd08c1e003446f1b
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5c7d25cb9b8a0b86919d5ef94e15313f
SHA-256: 9caed8ac696c277cad174aaca999e11d0af6623400f1d25c35c0ae9210f34741
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 32b867e7abf8de33d6db7b1b75456573
SHA-256: 75ae98f5098a323232aabb1e39c093eec136dd18356f81563eb9563b9a8b61d7
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6b06df85465115d20272d39a60ce9e88
SHA-256: ae423a83504eec1cdecef631e4ef996d80861ebc2def101c8c8a9956a3812a6d
java-1.7.0-oracle-src-1.7.0.45-1jpp.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e3ac1d48bbe173252dc689aa7f91bd9f
SHA-256: 72a321bb3fb16fe9fd762b86458443506c3fb35f6c1e72d0e8f7b7649eb8f41f
 
Red Hat Enterprise Linux Desktop Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 1c24104288f1170a8c2577b0b085fcf5
SHA-256: a6e93c7739f33e99fcc0bba97c368f9f31a9ab33a5bebea107a3620ce8670163
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 82568f90764c85a2743b5b621990ab4d
SHA-256: aad0e8e687c77c87c3a41639d819067b5277be1f6c08dc4f7bc5f5cf130fa860
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: f6d12cb48b240658fbab6e49e17dac11
SHA-256: b55bc2c43f66184e46646b5f5144cc2e4a77b451e98483869c0efacd5acf3d39
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6ef3138d56230794e3b8c1c17c4a2880
SHA-256: 7ce8511aed67dc3b75c6ba8eaece0fcc3e138d5a4077b85bd181fba4feddba40
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: f8ec5d068c73021682c739be9bee1fd8
SHA-256: 4e19fca905baa54f91bccba989e666eb740974d66ae736f9b47ba39241822a18
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 3eee7ea903ed312376e4e9b27a0c7a40
SHA-256: 51c00655cce346608bff3e1be564cfd883aecb2972ab31b937513356be4672c9
 
x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 351b3351d7828f163e92cbd3ff46ad8b
SHA-256: 24eaed3c8a28e8adb57758243eb0f0897e0929c30a35f1a2b7e70268391363cd
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e9904b1638ccf756a233db6dd5eab56a
SHA-256: 9fcb8049b7771d733617942fb75eff387d64431607c9db616b439bc7f94035b1
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 46c7a16b889060e6659423443f4f32bd
SHA-256: 41fcb26dbdd906beb1981971b11b9a0722741d59190b54041ef287f94bca1d51
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 27e7068e763fb360666b278930cc6114
SHA-256: 9f41089e4e76eccdce723db654e4b69542039f40d3af8d59d0e3d09f6ea6d82b
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: f5d7c1cec742d24ecdee8966361889ea
SHA-256: 0515b8fff77cdbe375cb91c1a62c64f59d0f27139ac75a5771a63b17972d2747
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5313c675ea9c7a8fdf7908b8ea4ed193
SHA-256: cce53a9afc73f175704bd07fa053ab5297589fc7059effe415d9050b3c50991c
 
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)

x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 351b3351d7828f163e92cbd3ff46ad8b
SHA-256: 24eaed3c8a28e8adb57758243eb0f0897e0929c30a35f1a2b7e70268391363cd
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e9904b1638ccf756a233db6dd5eab56a
SHA-256: 9fcb8049b7771d733617942fb75eff387d64431607c9db616b439bc7f94035b1
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 46c7a16b889060e6659423443f4f32bd
SHA-256: 41fcb26dbdd906beb1981971b11b9a0722741d59190b54041ef287f94bca1d51
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5313c675ea9c7a8fdf7908b8ea4ed193
SHA-256: cce53a9afc73f175704bd07fa053ab5297589fc7059effe415d9050b3c50991c
 
Red Hat Enterprise Linux Server Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 1c24104288f1170a8c2577b0b085fcf5
SHA-256: a6e93c7739f33e99fcc0bba97c368f9f31a9ab33a5bebea107a3620ce8670163
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 82568f90764c85a2743b5b621990ab4d
SHA-256: aad0e8e687c77c87c3a41639d819067b5277be1f6c08dc4f7bc5f5cf130fa860
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: f6d12cb48b240658fbab6e49e17dac11
SHA-256: b55bc2c43f66184e46646b5f5144cc2e4a77b451e98483869c0efacd5acf3d39
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6ef3138d56230794e3b8c1c17c4a2880
SHA-256: 7ce8511aed67dc3b75c6ba8eaece0fcc3e138d5a4077b85bd181fba4feddba40
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: f8ec5d068c73021682c739be9bee1fd8
SHA-256: 4e19fca905baa54f91bccba989e666eb740974d66ae736f9b47ba39241822a18
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 3eee7ea903ed312376e4e9b27a0c7a40
SHA-256: 51c00655cce346608bff3e1be564cfd883aecb2972ab31b937513356be4672c9
 
x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 351b3351d7828f163e92cbd3ff46ad8b
SHA-256: 24eaed3c8a28e8adb57758243eb0f0897e0929c30a35f1a2b7e70268391363cd
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e9904b1638ccf756a233db6dd5eab56a
SHA-256: 9fcb8049b7771d733617942fb75eff387d64431607c9db616b439bc7f94035b1
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 46c7a16b889060e6659423443f4f32bd
SHA-256: 41fcb26dbdd906beb1981971b11b9a0722741d59190b54041ef287f94bca1d51
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 27e7068e763fb360666b278930cc6114
SHA-256: 9f41089e4e76eccdce723db654e4b69542039f40d3af8d59d0e3d09f6ea6d82b
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: f5d7c1cec742d24ecdee8966361889ea
SHA-256: 0515b8fff77cdbe375cb91c1a62c64f59d0f27139ac75a5771a63b17972d2747
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5313c675ea9c7a8fdf7908b8ea4ed193
SHA-256: cce53a9afc73f175704bd07fa053ab5297589fc7059effe415d9050b3c50991c
 
Red Hat Enterprise Linux Server Supplementary AUS (v. 6.4)

x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 351b3351d7828f163e92cbd3ff46ad8b
SHA-256: 24eaed3c8a28e8adb57758243eb0f0897e0929c30a35f1a2b7e70268391363cd
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: e9904b1638ccf756a233db6dd5eab56a
SHA-256: 9fcb8049b7771d733617942fb75eff387d64431607c9db616b439bc7f94035b1
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 46c7a16b889060e6659423443f4f32bd
SHA-256: 41fcb26dbdd906beb1981971b11b9a0722741d59190b54041ef287f94bca1d51
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 27e7068e763fb360666b278930cc6114
SHA-256: 9f41089e4e76eccdce723db654e4b69542039f40d3af8d59d0e3d09f6ea6d82b
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: f5d7c1cec742d24ecdee8966361889ea
SHA-256: 0515b8fff77cdbe375cb91c1a62c64f59d0f27139ac75a5771a63b17972d2747
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 5313c675ea9c7a8fdf7908b8ea4ed193
SHA-256: cce53a9afc73f175704bd07fa053ab5297589fc7059effe415d9050b3c50991c
 
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.4.z)

IA-32:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.i686.rpm     MD5: 1c24104288f1170a8c2577b0b085fcf5
SHA-256: a6e93c7739f33e99fcc0bba97c368f9f31a9ab33a5bebea107a3620ce8670163
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.i686.rpm     MD5: 82568f90764c85a2743b5b621990ab4d
SHA-256: aad0e8e687c77c87c3a41639d819067b5277be1f6c08dc4f7bc5f5cf130fa860
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.i686.rpm     MD5: f6d12cb48b240658fbab6e49e17dac11
SHA-256: b55bc2c43f66184e46646b5f5144cc2e4a77b451e98483869c0efacd5acf3d39
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.i686.rpm     MD5: 6ef3138d56230794e3b8c1c17c4a2880
SHA-256: 7ce8511aed67dc3b75c6ba8eaece0fcc3e138d5a4077b85bd181fba4feddba40
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.i686.rpm     MD5: f8ec5d068c73021682c739be9bee1fd8
SHA-256: 4e19fca905baa54f91bccba989e666eb740974d66ae736f9b47ba39241822a18
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.i686.rpm     MD5: 3eee7ea903ed312376e4e9b27a0c7a40
SHA-256: 51c00655cce346608bff3e1be564cfd883aecb2972ab31b937513356be4672c9
 
x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 351b3351d7828f163e92cbd3ff46ad8b
SHA-256: 24eaed3c8a28e8adb57758243eb0f0897e0929c30a35f1a2b7e70268391363cd
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: e9904b1638ccf756a233db6dd5eab56a
SHA-256: 9fcb8049b7771d733617942fb75eff387d64431607c9db616b439bc7f94035b1
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 46c7a16b889060e6659423443f4f32bd
SHA-256: 41fcb26dbdd906beb1981971b11b9a0722741d59190b54041ef287f94bca1d51
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 27e7068e763fb360666b278930cc6114
SHA-256: 9f41089e4e76eccdce723db654e4b69542039f40d3af8d59d0e3d09f6ea6d82b
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: f5d7c1cec742d24ecdee8966361889ea
SHA-256: 0515b8fff77cdbe375cb91c1a62c64f59d0f27139ac75a5771a63b17972d2747
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.x86_64.rpm     MD5: 5313c675ea9c7a8fdf7908b8ea4ed193
SHA-256: cce53a9afc73f175704bd07fa053ab5297589fc7059effe415d9050b3c50991c
 
Red Hat Enterprise Linux Workstation Supplementary (v. 6)

IA-32:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 1c24104288f1170a8c2577b0b085fcf5
SHA-256: a6e93c7739f33e99fcc0bba97c368f9f31a9ab33a5bebea107a3620ce8670163
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 82568f90764c85a2743b5b621990ab4d
SHA-256: aad0e8e687c77c87c3a41639d819067b5277be1f6c08dc4f7bc5f5cf130fa860
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: f6d12cb48b240658fbab6e49e17dac11
SHA-256: b55bc2c43f66184e46646b5f5144cc2e4a77b451e98483869c0efacd5acf3d39
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 6ef3138d56230794e3b8c1c17c4a2880
SHA-256: 7ce8511aed67dc3b75c6ba8eaece0fcc3e138d5a4077b85bd181fba4feddba40
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: f8ec5d068c73021682c739be9bee1fd8
SHA-256: 4e19fca905baa54f91bccba989e666eb740974d66ae736f9b47ba39241822a18
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.i686.rpm
File outdated by:  RHSA-2014:0412
    MD5: 3eee7ea903ed312376e4e9b27a0c7a40
SHA-256: 51c00655cce346608bff3e1be564cfd883aecb2972ab31b937513356be4672c9
 
x86_64:
java-1.7.0-oracle-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 351b3351d7828f163e92cbd3ff46ad8b
SHA-256: 24eaed3c8a28e8adb57758243eb0f0897e0929c30a35f1a2b7e70268391363cd
java-1.7.0-oracle-devel-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: e9904b1638ccf756a233db6dd5eab56a
SHA-256: 9fcb8049b7771d733617942fb75eff387d64431607c9db616b439bc7f94035b1
java-1.7.0-oracle-javafx-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 46c7a16b889060e6659423443f4f32bd
SHA-256: 41fcb26dbdd906beb1981971b11b9a0722741d59190b54041ef287f94bca1d51
java-1.7.0-oracle-jdbc-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 27e7068e763fb360666b278930cc6114
SHA-256: 9f41089e4e76eccdce723db654e4b69542039f40d3af8d59d0e3d09f6ea6d82b
java-1.7.0-oracle-plugin-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: f5d7c1cec742d24ecdee8966361889ea
SHA-256: 0515b8fff77cdbe375cb91c1a62c64f59d0f27139ac75a5771a63b17972d2747
java-1.7.0-oracle-src-1.7.0.45-1jpp.2.el6_4.x86_64.rpm
File outdated by:  RHSA-2014:0412
    MD5: 5313c675ea9c7a8fdf7908b8ea4ed193
SHA-256: cce53a9afc73f175704bd07fa053ab5297589fc7059effe415d9050b3c50991c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1018713 - CVE-2013-5803 OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)
1018717 - CVE-2013-5772 OpenJDK: insufficient html escaping in jhat (jhat, 8011081)
1018720 - CVE-2013-5797 OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)
1018727 - CVE-2013-5784 OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)
1018736 - CVE-2013-5790 OpenJDK: insufficient security checks (Beans, 8012071)
1018750 - CVE-2013-5849 OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)
1018755 - CVE-2013-5800 OpenJDK: default keytab path information leak (JGSS, 8022931)
1018785 - CVE-2013-5780 OpenJDK: key data leak via toString() methods (Libraries, 8011071)
1018831 - CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)
1018972 - CVE-2013-5820 OpenJDK: insufficient security checks (JAXWS, 8017505)
1018977 - CVE-2013-5851 OpenJDK: XML stream factory finder information leak (JAXP, 8013502)
1018984 - CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)
1019108 - CVE-2013-5782 OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)
1019110 - CVE-2013-5830 OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)
1019113 - CVE-2013-5809 OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)
1019115 - CVE-2013-5829 OpenJDK: Java2d Disposer security bypass (2D, 8017287)
1019117 - CVE-2013-5814 OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)
1019118 - CVE-2013-5817 OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)
1019123 - CVE-2013-5842 OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)
1019127 - CVE-2013-5850 OpenJDK: Missing CORBA security checks (Libraries, 8017196)
1019130 - CVE-2013-5802 OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)
1019131 - CVE-2013-5804 OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)
1019133 - CVE-2013-3829 OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)
1019137 - CVE-2013-5783 OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)
1019139 - CVE-2013-5825 OpenJDK: XML parsing Denial of Service (JAXP, 8014530)
1019145 - CVE-2013-5823 OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)
1019147 - CVE-2013-5774 OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)
1019176 - CVE-2013-4002 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)
1019300 - CVE-2013-5838 OpenJDK: Vulnerability in Libraries component (Libraries, 7023639)
1019691 - CVE-2013-5824 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019692 - CVE-2013-5788 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019693 - CVE-2013-5787 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019697 - CVE-2013-5789 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019701 - CVE-2013-5843 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019702 - CVE-2013-5832 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019705 - CVE-2013-5852 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019706 - CVE-2013-5812 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019710 - CVE-2013-5801 Oracle JDK: unspecified vulnerability fixed in 7u45 (2D)
1019712 - CVE-2013-5776 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019713 - CVE-2013-5818 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019715 - CVE-2013-5819 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019716 - CVE-2013-5831 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019720 - CVE-2013-5848 Oracle JDK: unspecified vulnerability fixed in 7u45 (Deployment)
1019722 - CVE-2013-5846 CVE-2013-5810 CVE-2013-5844 CVE-2013-5777 CVE-2013-5775 CVE-2013-5854 Oracle JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)


References

https://www.redhat.com/security/data/cve/CVE-2013-3829.html
https://www.redhat.com/security/data/cve/CVE-2013-4002.html
https://www.redhat.com/security/data/cve/CVE-2013-5772.html
https://www.redhat.com/security/data/cve/CVE-2013-5774.html
https://www.redhat.com/security/data/cve/CVE-2013-5775.html
https://www.redhat.com/security/data/cve/CVE-2013-5776.html
https://www.redhat.com/security/data/cve/CVE-2013-5777.html
https://www.redhat.com/security/data/cve/CVE-2013-5778.html
https://www.redhat.com/security/data/cve/CVE-2013-5780.html
https://www.redhat.com/security/data/cve/CVE-2013-5782.html
https://www.redhat.com/security/data/cve/CVE-2013-5783.html
https://www.redhat.com/security/data/cve/CVE-2013-5784.html
https://www.redhat.com/security/data/cve/CVE-2013-5787.html
https://www.redhat.com/security/data/cve/CVE-2013-5788.html
https://www.redhat.com/security/data/cve/CVE-2013-5789.html
https://www.redhat.com/security/data/cve/CVE-2013-5790.html
https://www.redhat.com/security/data/cve/CVE-2013-5797.html
https://www.redhat.com/security/data/cve/CVE-2013-5800.html
https://www.redhat.com/security/data/cve/CVE-2013-5801.html
https://www.redhat.com/security/data/cve/CVE-2013-5802.html
https://www.redhat.com/security/data/cve/CVE-2013-5803.html
https://www.redhat.com/security/data/cve/CVE-2013-5804.html
https://www.redhat.com/security/data/cve/CVE-2013-5809.html
https://www.redhat.com/security/data/cve/CVE-2013-5810.html
https://www.redhat.com/security/data/cve/CVE-2013-5812.html
https://www.redhat.com/security/data/cve/CVE-2013-5814.html
https://www.redhat.com/security/data/cve/CVE-2013-5817.html
https://www.redhat.com/security/data/cve/CVE-2013-5818.html
https://www.redhat.com/security/data/cve/CVE-2013-5819.html
https://www.redhat.com/security/data/cve/CVE-2013-5820.html
https://www.redhat.com/security/data/cve/CVE-2013-5823.html
https://www.redhat.com/security/data/cve/CVE-2013-5824.html
https://www.redhat.com/security/data/cve/CVE-2013-5825.html
https://www.redhat.com/security/data/cve/CVE-2013-5829.html
https://www.redhat.com/security/data/cve/CVE-2013-5830.html
https://www.redhat.com/security/data/cve/CVE-2013-5831.html
https://www.redhat.com/security/data/cve/CVE-2013-5832.html
https://www.redhat.com/security/data/cve/CVE-2013-5838.html
https://www.redhat.com/security/data/cve/CVE-2013-5840.html
https://www.redhat.com/security/data/cve/CVE-2013-5842.html
https://www.redhat.com/security/data/cve/CVE-2013-5843.html
https://www.redhat.com/security/data/cve/CVE-2013-5844.html
https://www.redhat.com/security/data/cve/CVE-2013-5846.html
https://www.redhat.com/security/data/cve/CVE-2013-5848.html
https://www.redhat.com/security/data/cve/CVE-2013-5849.html
https://www.redhat.com/security/data/cve/CVE-2013-5850.html
https://www.redhat.com/security/data/cve/CVE-2013-5851.html
https://www.redhat.com/security/data/cve/CVE-2013-5852.html
https://www.redhat.com/security/data/cve/CVE-2013-5854.html
https://access.redhat.com/security/updates/classification/#critical
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
http://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html
http://www.oracle.com/technetwork/java/javase/7u40-relnotes-2004172.html


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/