Security Advisory Important: java-1.6.0-openjdk security update

Advisory: RHSA-2014:0097-1
Type: Security Advisory
Severity: Important
Issued on: 2014-01-27
Last updated on: 2014-01-27
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.5)
Red Hat Enterprise Linux Server EUS (v. 6.5.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-5878
CVE-2013-5884
CVE-2013-5896
CVE-2013-5907
CVE-2013-5910
CVE-2014-0368
CVE-2014-0373
CVE-2014-0376
CVE-2014-0411
CVE-2014-0416
CVE-2014-0422
CVE-2014-0423
CVE-2014-0428

Details

Updated java-1.6.0-openjdk packages that fix various security issues are
now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Java Software Development Kit.

An input validation flaw was discovered in the font layout engine in the 2D
component. A specially crafted font file could trigger a Java Virtual
Machine memory corruption when processed. An untrusted Java application or
applet could possibly use this flaw to bypass Java sandbox restrictions.
(CVE-2013-5907)

Multiple improper permission check issues were discovered in the CORBA and
JNDI components in OpenJDK. An untrusted Java application or applet could
use these flaws to bypass Java sandbox restrictions. (CVE-2014-0428,
CVE-2014-0422)

Multiple improper permission check issues were discovered in the
Serviceability, Security, CORBA, JAAS, JAXP, and Networking components in
OpenJDK. An untrusted Java application or applet could use these flaws to
bypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878,
CVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376,
CVE-2014-0368)

It was discovered that the Beans component did not restrict processing of
XML external entities. This flaw could cause a Java application using Beans
to leak sensitive information, or affect application availability.
(CVE-2014-0423)

It was discovered that the JSSE component could leak timing information
during the TLS/SSL handshake. This could possibly lead to a disclosure of
information about the used encryption keys. (CVE-2014-0411)

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el5_10.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 980b52aa84ad05bd2ef4dd5901cbac6d
SHA-256: 02742608095a358d15ad92c22ca733824884c1fb9d2c1d4a1a2180f18c9ce665
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: c254e583776b101c60d9cbad54ef4ca3
SHA-256: de605da694c4da0bd58d434604b3f5c8238fa87ecad5e9930f7fb91e46aa9449
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: d4ea209490d8a31e09a4dc524f2553a6
SHA-256: a52ac16981ad5502e11985b478dbd100efbefad109730cac323b119d21dc0563
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: 5715b70f6f5ea1e4e7e081e5a4c38122
SHA-256: 14f2eced1c3f605ee0398c569e04ef4b0fcbe77bc940c54fc94507ead6ef3c96
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: 9fee636332b402d487d9a1b42b0aa529
SHA-256: 1d462321fff86b7ea5b77ceb4f60e182f677533bc2615925a10cfebbfe4d8a61
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: fecfd92a19bbd4bf73e600d50052f717
SHA-256: 10ff2ffb68994dbbec4226d75495d0c9dc7b3cf08345101051a97d3dd179de96
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: aa90616fca5025f2e980943a5c21dd02
SHA-256: 2c5f71d770abeb143616b77a8676ee93912a7d31f181a079da93776c2bc14f98
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: e6509892ccc6ec3aef3ca20d1e46dc79
SHA-256: 79a796eeeb49af2d8b733604e1af020aacc55fbbccaf910bdef270494d263c28
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8bdc4da1a0c0fb6e535ee6b8bfa5cfea
SHA-256: efd5b75e25890472fb20f8a1a3ef160829b42d89d90be1314dc1206c4bbdaae7
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 635759ba663c77df502c5dd87c160701
SHA-256: 5f17b6ec5a72113f924be0aa1623974d296e91045e754a1a8466e22e695e5fff
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 33b7c89330ac4c6031e3557484d0a2a8
SHA-256: 6de7c190f67bf7a0b0ce325dc7febd27486c5f458860fbd92c6db6c994062060
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 59071a09e42bc1d8475eb2d071c83158
SHA-256: 2ce423dfbdc1dc7403cdc4c9392eeb6120b7594c4cbcb5518323ad6082a87731
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: a4a494552c3244323eaa3f860887b89a
SHA-256: 555c25151fab9b59adc11d52e6603c7994b56856052d08e3e1453aa607c7addf
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el5_10.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 980b52aa84ad05bd2ef4dd5901cbac6d
SHA-256: 02742608095a358d15ad92c22ca733824884c1fb9d2c1d4a1a2180f18c9ce665
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: c254e583776b101c60d9cbad54ef4ca3
SHA-256: de605da694c4da0bd58d434604b3f5c8238fa87ecad5e9930f7fb91e46aa9449
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: d4ea209490d8a31e09a4dc524f2553a6
SHA-256: a52ac16981ad5502e11985b478dbd100efbefad109730cac323b119d21dc0563
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: 5715b70f6f5ea1e4e7e081e5a4c38122
SHA-256: 14f2eced1c3f605ee0398c569e04ef4b0fcbe77bc940c54fc94507ead6ef3c96
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: 9fee636332b402d487d9a1b42b0aa529
SHA-256: 1d462321fff86b7ea5b77ceb4f60e182f677533bc2615925a10cfebbfe4d8a61
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: fecfd92a19bbd4bf73e600d50052f717
SHA-256: 10ff2ffb68994dbbec4226d75495d0c9dc7b3cf08345101051a97d3dd179de96
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1526
    MD5: aa90616fca5025f2e980943a5c21dd02
SHA-256: 2c5f71d770abeb143616b77a8676ee93912a7d31f181a079da93776c2bc14f98
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: e6509892ccc6ec3aef3ca20d1e46dc79
SHA-256: 79a796eeeb49af2d8b733604e1af020aacc55fbbccaf910bdef270494d263c28
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8bdc4da1a0c0fb6e535ee6b8bfa5cfea
SHA-256: efd5b75e25890472fb20f8a1a3ef160829b42d89d90be1314dc1206c4bbdaae7
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 635759ba663c77df502c5dd87c160701
SHA-256: 5f17b6ec5a72113f924be0aa1623974d296e91045e754a1a8466e22e695e5fff
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 33b7c89330ac4c6031e3557484d0a2a8
SHA-256: 6de7c190f67bf7a0b0ce325dc7febd27486c5f458860fbd92c6db6c994062060
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 59071a09e42bc1d8475eb2d071c83158
SHA-256: 2ce423dfbdc1dc7403cdc4c9392eeb6120b7594c4cbcb5518323ad6082a87731
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: a4a494552c3244323eaa3f860887b89a
SHA-256: 555c25151fab9b59adc11d52e6603c7994b56856052d08e3e1453aa607c7addf
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 03c085cfc6a33cfc50e321f66a58189e
SHA-256: 27d4707b2f5a18e0d3f745622e98316bf522d3ae72e40c9289f0cb53646d1319
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 56b8b00ff07d183b3ca4b141bf79648b
SHA-256: 34b677f8ac1f93b697fc7672dcb252256d6ced2eddcfc03a63cdd3682cb4a73c
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8beb6be08c7b86f06187aabba577ed1d
SHA-256: 69cdf3091287d360fd28c10a720cd44744d13041c4721822c88f306933fbe543
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 6c64af70001f771e5e91bdcaa384c2ac
SHA-256: f336a4f867b8a7598bc7dc4ac94a6f047e4e7267797ba7d2e01c25c8cea6c44c
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 5d5d6842d9e4374c549ec0ad25e7ebd2
SHA-256: 35b2de49dd74d472834cd03c2f40fa17d4799c93743e7f198ea83d3044c4eac2
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 094cfdd02e926fb2131983ef755a372f
SHA-256: 1b74c2017449a6b3b184075fd0bf69b805b21de032c583ce3bca4fe2be7be384
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 90e19178bd38608552a7bf88ff3cceb9
SHA-256: 633833fd08ea35ce12415841e2821ccb29bf7a4379860be36fe4dd5546094206
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: e479d437ea5fd4ce0228b2af0bf9c8d2
SHA-256: c5866dd39c87ba76e7aeaf87b85145d9f85c2587a9ec1d318963d3d44951c360
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 4cb13dd673b7a8409cc3012fd58ac341
SHA-256: c4c8937e7b117c47fc085c445e47f7cb84408b4b8adf59006e96392bcda3a750
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 0c1c95c3f2579b7a1e68805119941795
SHA-256: 5c2fe920f386578b81325bbefef55d3f0467f80eb0610bc8ae1be9b870f6d8dd
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: b458a91781bdcd4dd8c2cebc32e6db28
SHA-256: 7691fcf970b952ebeba22cdc8990eff307d5772ffc50ea8903f048ed8295f2c4
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8de5bc5492c628e78d8347c43829ec09
SHA-256: 355af3a9d7d901d0c1fb1dd837310643f0bd549883e522d6ebf2ab85b08f60af
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 58f2663d5f36feaf12fb8a57f44b92a5
SHA-256: 58e8509f5481953981cb10608e54273bd0aa013e896fe43262584684a0aee7a2
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 03c085cfc6a33cfc50e321f66a58189e
SHA-256: 27d4707b2f5a18e0d3f745622e98316bf522d3ae72e40c9289f0cb53646d1319
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: e479d437ea5fd4ce0228b2af0bf9c8d2
SHA-256: c5866dd39c87ba76e7aeaf87b85145d9f85c2587a9ec1d318963d3d44951c360
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 4cb13dd673b7a8409cc3012fd58ac341
SHA-256: c4c8937e7b117c47fc085c445e47f7cb84408b4b8adf59006e96392bcda3a750
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 0c1c95c3f2579b7a1e68805119941795
SHA-256: 5c2fe920f386578b81325bbefef55d3f0467f80eb0610bc8ae1be9b870f6d8dd
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: b458a91781bdcd4dd8c2cebc32e6db28
SHA-256: 7691fcf970b952ebeba22cdc8990eff307d5772ffc50ea8903f048ed8295f2c4
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8de5bc5492c628e78d8347c43829ec09
SHA-256: 355af3a9d7d901d0c1fb1dd837310643f0bd549883e522d6ebf2ab85b08f60af
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 58f2663d5f36feaf12fb8a57f44b92a5
SHA-256: 58e8509f5481953981cb10608e54273bd0aa013e896fe43262584684a0aee7a2
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 03c085cfc6a33cfc50e321f66a58189e
SHA-256: 27d4707b2f5a18e0d3f745622e98316bf522d3ae72e40c9289f0cb53646d1319
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 56b8b00ff07d183b3ca4b141bf79648b
SHA-256: 34b677f8ac1f93b697fc7672dcb252256d6ced2eddcfc03a63cdd3682cb4a73c
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8beb6be08c7b86f06187aabba577ed1d
SHA-256: 69cdf3091287d360fd28c10a720cd44744d13041c4721822c88f306933fbe543
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 6c64af70001f771e5e91bdcaa384c2ac
SHA-256: f336a4f867b8a7598bc7dc4ac94a6f047e4e7267797ba7d2e01c25c8cea6c44c
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 5d5d6842d9e4374c549ec0ad25e7ebd2
SHA-256: 35b2de49dd74d472834cd03c2f40fa17d4799c93743e7f198ea83d3044c4eac2
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 094cfdd02e926fb2131983ef755a372f
SHA-256: 1b74c2017449a6b3b184075fd0bf69b805b21de032c583ce3bca4fe2be7be384
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 90e19178bd38608552a7bf88ff3cceb9
SHA-256: 633833fd08ea35ce12415841e2821ccb29bf7a4379860be36fe4dd5546094206
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: e479d437ea5fd4ce0228b2af0bf9c8d2
SHA-256: c5866dd39c87ba76e7aeaf87b85145d9f85c2587a9ec1d318963d3d44951c360
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 4cb13dd673b7a8409cc3012fd58ac341
SHA-256: c4c8937e7b117c47fc085c445e47f7cb84408b4b8adf59006e96392bcda3a750
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 0c1c95c3f2579b7a1e68805119941795
SHA-256: 5c2fe920f386578b81325bbefef55d3f0467f80eb0610bc8ae1be9b870f6d8dd
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: b458a91781bdcd4dd8c2cebc32e6db28
SHA-256: 7691fcf970b952ebeba22cdc8990eff307d5772ffc50ea8903f048ed8295f2c4
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8de5bc5492c628e78d8347c43829ec09
SHA-256: 355af3a9d7d901d0c1fb1dd837310643f0bd549883e522d6ebf2ab85b08f60af
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 58f2663d5f36feaf12fb8a57f44b92a5
SHA-256: 58e8509f5481953981cb10608e54273bd0aa013e896fe43262584684a0aee7a2
 
Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 03c085cfc6a33cfc50e321f66a58189e
SHA-256: 27d4707b2f5a18e0d3f745622e98316bf522d3ae72e40c9289f0cb53646d1319
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: e479d437ea5fd4ce0228b2af0bf9c8d2
SHA-256: c5866dd39c87ba76e7aeaf87b85145d9f85c2587a9ec1d318963d3d44951c360
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 4cb13dd673b7a8409cc3012fd58ac341
SHA-256: c4c8937e7b117c47fc085c445e47f7cb84408b4b8adf59006e96392bcda3a750
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 0c1c95c3f2579b7a1e68805119941795
SHA-256: 5c2fe920f386578b81325bbefef55d3f0467f80eb0610bc8ae1be9b870f6d8dd
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: b458a91781bdcd4dd8c2cebc32e6db28
SHA-256: 7691fcf970b952ebeba22cdc8990eff307d5772ffc50ea8903f048ed8295f2c4
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 8de5bc5492c628e78d8347c43829ec09
SHA-256: 355af3a9d7d901d0c1fb1dd837310643f0bd549883e522d6ebf2ab85b08f60af
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 58f2663d5f36feaf12fb8a57f44b92a5
SHA-256: 58e8509f5481953981cb10608e54273bd0aa013e896fe43262584684a0aee7a2
 
Red Hat Enterprise Linux Server EUS (v. 6.5.z)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 03c085cfc6a33cfc50e321f66a58189e
SHA-256: 27d4707b2f5a18e0d3f745622e98316bf522d3ae72e40c9289f0cb53646d1319
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1113
    MD5: 56b8b00ff07d183b3ca4b141bf79648b
SHA-256: 34b677f8ac1f93b697fc7672dcb252256d6ced2eddcfc03a63cdd3682cb4a73c
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1113
    MD5: 8beb6be08c7b86f06187aabba577ed1d
SHA-256: 69cdf3091287d360fd28c10a720cd44744d13041c4721822c88f306933fbe543
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1113
    MD5: 6c64af70001f771e5e91bdcaa384c2ac
SHA-256: f336a4f867b8a7598bc7dc4ac94a6f047e4e7267797ba7d2e01c25c8cea6c44c
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1113
    MD5: 5d5d6842d9e4374c549ec0ad25e7ebd2
SHA-256: 35b2de49dd74d472834cd03c2f40fa17d4799c93743e7f198ea83d3044c4eac2
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1113
    MD5: 094cfdd02e926fb2131983ef755a372f
SHA-256: 1b74c2017449a6b3b184075fd0bf69b805b21de032c583ce3bca4fe2be7be384
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1113
    MD5: 90e19178bd38608552a7bf88ff3cceb9
SHA-256: 633833fd08ea35ce12415841e2821ccb29bf7a4379860be36fe4dd5546094206
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: e479d437ea5fd4ce0228b2af0bf9c8d2
SHA-256: c5866dd39c87ba76e7aeaf87b85145d9f85c2587a9ec1d318963d3d44951c360
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 4cb13dd673b7a8409cc3012fd58ac341
SHA-256: c4c8937e7b117c47fc085c445e47f7cb84408b4b8adf59006e96392bcda3a750
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 0c1c95c3f2579b7a1e68805119941795
SHA-256: 5c2fe920f386578b81325bbefef55d3f0467f80eb0610bc8ae1be9b870f6d8dd
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: b458a91781bdcd4dd8c2cebc32e6db28
SHA-256: 7691fcf970b952ebeba22cdc8990eff307d5772ffc50ea8903f048ed8295f2c4
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 8de5bc5492c628e78d8347c43829ec09
SHA-256: 355af3a9d7d901d0c1fb1dd837310643f0bd549883e522d6ebf2ab85b08f60af
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1113
    MD5: 58f2663d5f36feaf12fb8a57f44b92a5
SHA-256: 58e8509f5481953981cb10608e54273bd0aa013e896fe43262584684a0aee7a2
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.src.rpm
File outdated by:  RHSA-2015:1526
    MD5: 03c085cfc6a33cfc50e321f66a58189e
SHA-256: 27d4707b2f5a18e0d3f745622e98316bf522d3ae72e40c9289f0cb53646d1319
 
IA-32:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 56b8b00ff07d183b3ca4b141bf79648b
SHA-256: 34b677f8ac1f93b697fc7672dcb252256d6ced2eddcfc03a63cdd3682cb4a73c
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8beb6be08c7b86f06187aabba577ed1d
SHA-256: 69cdf3091287d360fd28c10a720cd44744d13041c4721822c88f306933fbe543
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 6c64af70001f771e5e91bdcaa384c2ac
SHA-256: f336a4f867b8a7598bc7dc4ac94a6f047e4e7267797ba7d2e01c25c8cea6c44c
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 5d5d6842d9e4374c549ec0ad25e7ebd2
SHA-256: 35b2de49dd74d472834cd03c2f40fa17d4799c93743e7f198ea83d3044c4eac2
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 094cfdd02e926fb2131983ef755a372f
SHA-256: 1b74c2017449a6b3b184075fd0bf69b805b21de032c583ce3bca4fe2be7be384
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1526
    MD5: 90e19178bd38608552a7bf88ff3cceb9
SHA-256: 633833fd08ea35ce12415841e2821ccb29bf7a4379860be36fe4dd5546094206
 
x86_64:
java-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: e479d437ea5fd4ce0228b2af0bf9c8d2
SHA-256: c5866dd39c87ba76e7aeaf87b85145d9f85c2587a9ec1d318963d3d44951c360
java-1.6.0-openjdk-debuginfo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 4cb13dd673b7a8409cc3012fd58ac341
SHA-256: c4c8937e7b117c47fc085c445e47f7cb84408b4b8adf59006e96392bcda3a750
java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 0c1c95c3f2579b7a1e68805119941795
SHA-256: 5c2fe920f386578b81325bbefef55d3f0467f80eb0610bc8ae1be9b870f6d8dd
java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: b458a91781bdcd4dd8c2cebc32e6db28
SHA-256: 7691fcf970b952ebeba22cdc8990eff307d5772ffc50ea8903f048ed8295f2c4
java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 8de5bc5492c628e78d8347c43829ec09
SHA-256: 355af3a9d7d901d0c1fb1dd837310643f0bd549883e522d6ebf2ab85b08f60af
java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1526
    MD5: 58f2663d5f36feaf12fb8a57f44b92a5
SHA-256: 58e8509f5481953981cb10608e54273bd0aa013e896fe43262584684a0aee7a2
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1051519 - CVE-2014-0428 OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)
1051528 - CVE-2014-0422 OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)
1051699 - CVE-2014-0373 OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)
1051823 - CVE-2013-5878 OpenJDK: null xmlns handling issue (Security, 8025026)
1051911 - CVE-2013-5884 OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)
1051912 - CVE-2014-0416 OpenJDK: insecure subject principals set handling (JAAS, 8024306)
1051923 - CVE-2014-0376 OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)
1052915 - CVE-2013-5907 ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)
1052919 - CVE-2014-0368 OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)
1052942 - CVE-2013-5910 OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
1053010 - CVE-2014-0411 OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)
1053066 - CVE-2014-0423 OpenJDK: XXE issue in decoder (Beans, 8023245)
1053266 - CVE-2013-5896 OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/