Security Advisory Critical: java-1.7.0-openjdk security update

Advisory: RHSA-2014:0026-4
Type: Security Advisory
Severity: Critical
Issued on: 2014-01-15
Last updated on: 2014-01-15
Affected Products:
  Red Hat Enterprise Linux Desktop (v. 6)
  Red Hat Enterprise Linux HPC Node (v. 6)
  Red Hat Enterprise Linux Server (v. 6)
  Red Hat Enterprise Linux Server AUS (v. 6.5)
  Red Hat Enterprise Linux Server EUS (v. 6.5.z)
  Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org):
  CVE-2013-5878
  CVE-2013-5884
  CVE-2013-5893
  CVE-2013-5896
  CVE-2013-5907
  CVE-2013-5910
  CVE-2014-0368
  CVE-2014-0373
  CVE-2014-0376
  CVE-2014-0411
  CVE-2014-0416
  CVE-2014-0422
  CVE-2014-0423
  CVE-2014-0428

Details

Updated java-1.7.0-openjdk packages that fix various security issues are
now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.

An input validation flaw was discovered in the font layout engine in the 2D
component. A specially crafted font file could trigger Java Virtual Machine
memory corruption when processed. An untrusted Java application or applet
could possibly use this flaw to bypass Java sandbox restrictions.
(CVE-2013-5907)

Multiple improper permission check issues were discovered in the CORBA,
JNDI, and Libraries components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions.
(CVE-2014-0428, CVE-2014-0422, CVE-2013-5893)

Multiple improper permission check issues were discovered in the
Serviceability, Security, CORBA, JAAS, JAXP, and Networking components in
OpenJDK. An untrusted Java application or applet could use these flaws to
bypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878,
CVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376,
CVE-2014-0368)

It was discovered that the Beans component did not restrict processing of
XML external entities. This flaw could cause a Java application using Beans
to leak sensitive information, or affect application availability.
(CVE-2014-0423)

It was discovered that the JSSE component could leak timing information
during the TLS/SSL handshake. This could possibly lead to disclosure of
information about the used encryption keys. (CVE-2014-0411)

Note: The java-1.7.0-openjdk package shipped with Red Hat Enterprise Linux
6.5 via RHBA-2013:1611 replaced "java7" with "java" in the provides list.
This update re-adds "java7" to the provides list to maintain backwards
compatibility with releases prior to Red Hat Enterprise Linux 6.5.

Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
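
A post-update check for the advice above, as an added example that is not part of the advisory: it compares an installed version-release string (as printed by `rpm -q --qf '%{VERSION}-%{RELEASE}\n' java-1.7.0-openjdk`) with the fixed build this advisory ships, and flags JVMs that still map a deleted libjvm.so and therefore need a restart. The comparison is a simplified rpmvercmp that assumes an unchanged epoch; the sample versions, PIDs and maps lines are constructed.

```python
import re

# Fixed build named in this advisory's package list (RHEL 6).
FIXED_VR = "1.7.0.51-2.4.4.1.el6_5"

def rpmvercmp(a, b):
    """Simplified RPM segment comparison (no '~' or '^'): returns -1, 0 or 1."""
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment is newer than alphabetic
        if x.isdigit():
            x, y = int(x), int(y)            # 9 < 51, unlike a string comparison
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # extra segments are newer

def vr_cmp(vr_a, vr_b):
    """Compare 'version-release' strings. Assumption: the epoch is unchanged."""
    va, ra = vr_a.rsplit("-", 1)
    vb, rb = vr_b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def is_patched(installed_vr):
    """True when the installed build is the fixed build or newer."""
    return vr_cmp(installed_vr, FIXED_VR) >= 0

def stale_jvm_pids(maps_by_pid):
    """PIDs whose /proc/<pid>/maps text still maps a libjvm.so that the update
    unlinked, meaning the JVM was started before the update and needs a restart."""
    stale = []
    for pid, maps_text in sorted(maps_by_pid.items()):
        if any("libjvm.so" in line and line.rstrip().endswith("(deleted)")
               for line in maps_text.splitlines()):
            stale.append(pid)
    return stale

# Constructed sample input (not from a real host); paths are illustrative.
SAMPLE_VRS = ["1.7.0.45-2.4.3.3.el6", "1.7.0.51-2.4.4.1.el6_5"]
SAMPLE_MAPS = {
    2211: "7f10a0000000-7f10a0c00000 r-xp 00000000 fd:00 131089 "
          "/usr/lib/jvm/old-build/jre/lib/amd64/server/libjvm.so (deleted)\n",
    3054: "7f22b0000000-7f22b0c00000 r-xp 00000000 fd:00 262200 "
          "/usr/lib/jvm/new-build/jre/lib/amd64/server/libjvm.so\n",
}

if __name__ == "__main__":
    for vr in SAMPLE_VRS:
        print(vr, "patched" if is_patched(vr) else "VULNERABLE: update required")
    print("JVMs to restart:", stale_jvm_pids(SAMPLE_MAPS))
```

On a live host, build `maps_by_pid` by reading `/proc/<pid>/maps` for each running java process.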

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.src.rpm
File outdated by:  RHSA-2015:0067
 
IA-32:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2014:1620
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
 
x86_64:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1620
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.src.rpm
File outdated by:  RHSA-2015:0067
 
x86_64:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:1620
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.src.rpm
File outdated by:  RHSA-2015:0067
 
IA-32:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2014:1620
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
 
x86_64:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2014:1620
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
 
Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.src.rpm
File outdated by:  RHSA-2015:0067
 
x86_64:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
 
Red Hat Enterprise Linux Server EUS (v. 6.5.z)

SRPMS:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.src.rpm
File outdated by:  RHSA-2015:0067
 
IA-32:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2014:0889
 
x86_64:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2014:0889
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2014:0889
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.src.rpm
File outdated by:  RHSA-2015:0067
 
IA-32:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2014:1620
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:0067
 
x86_64:
java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-debuginfo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpm
File outdated by:  RHSA-2014:1620
java-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:0067
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1051519 - CVE-2014-0428 OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)
1051528 - CVE-2014-0422 OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)
1051549 - CVE-2013-5893 OpenJDK: JVM method processing issues (Libraries, 8029507)
1051699 - CVE-2014-0373 OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)
1051823 - CVE-2013-5878 OpenJDK: null xmlns handling issue (Security, 8025026)
1051911 - CVE-2013-5884 OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)
1051912 - CVE-2014-0416 OpenJDK: insecure subject principals set handling (JAAS, 8024306)
1051923 - CVE-2014-0376 OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)
1052915 - CVE-2013-5907 ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)
1052919 - CVE-2014-0368 OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)
1052942 - CVE-2013-5910 OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
1053010 - CVE-2014-0411 OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)
1053066 - CVE-2014-0423 OpenJDK: XXE issue in decoder (Beans, 8023245)
1053266 - CVE-2013-5896 OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/