what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2011-126

Mandriva Linux Security Advisory 2011-126
Posted Aug 16, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-126 - Multiple vulnerabilities were discovered and corrected in java-1.6.0-openjdk. Everything referenced in this advisory points to unspecified vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2011-0865, CVE-2011-0862, CVE-2011-0867, CVE-2011-0869, CVE-2011-0868, CVE-2011-0864, CVE-2011-0871
SHA-256 | 0fd3ead6a18f48776a8de698c79e5fb054e0a66a4c03e68db89c37346d36c80f

Mandriva Linux Security Advisory 2011-126

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:126
http://www.mandriva.com/security/
_______________________________________________________________________

Package : java-1.6.0-openjdk
Date : August 15, 2011
Affected: 2009.0, 2010.1, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities were discovered and corrected in
java-1.6.0-openjdk:

Unspecified vulnerability in the Java Runtime Environment (JRE)
component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29
and earlier, and 1.4.2_31 and earlier allows remote untrusted Java
Web Start applications and untrusted Java applets to affect integrity
via unknown vectors related to Deserialization (CVE-2011-0865).

Multiple unspecified vulnerabilities in the Java Runtime Environment
(JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update
29 and earlier, and 1.4.2_31 and earlier allow remote attackers
to affect confidentiality, integrity, and availability via unknown
vectors related to 2D (CVE-2011-0862).

Unspecified vulnerability in the Java Runtime Environment (JRE)
component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29
and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web
Start applications and untrusted Java applets to affect confidentiality
via unknown vectors related to Networking (CVE-2011-0867).

Unspecified vulnerability in the Java Runtime Environment (JRE)
component in Oracle Java SE 6 Update 26 and earlier allows remote
untrusted Java Web Start applications and untrusted Java applets
to affect confidentiality via unknown vectors related to SAAJ
(CVE-2011-0869).

Unspecified vulnerability in the Java Runtime Environment (JRE)
component in Oracle Java SE 6 Update 25 and earlier allows remote
attackers to affect confidentiality via unknown vectors related to 2D
(CVE-2011-0868).

Unspecified vulnerability in the Java Runtime Environment (JRE)
component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update
29 and earlier, and 1.4.2_31 and earlier allows remote untrusted
Java Web Start applications and untrusted Java applets to affect
confidentiality, integrity, and availability via unknown vectors
related to HotSpot (CVE-2011-0864).

Unspecified vulnerability in the Java Runtime Environment (JRE)
component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update
29 and earlier, and 1.4.2_31 and earlier allows remote untrusted
Java Web Start applications and untrusted Java applets to affect
confidentiality, integrity, and availability via unknown vectors
related to Swing (CVE-2011-0871).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been upgraded to versions which is not
vulnerable to these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.0:
19d265aa46efb3258d4b4cc7e73dbbb5 2009.0/i586/icedtea-web-1.0.4-0.2mdv2009.0.i586.rpm
c1f3d3c181547b334ae1c8b15d5237a0 2009.0/i586/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2009.0.i586.rpm
d9f5607c72e4f4a4505177ea3ea969be 2009.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-22.b22.2mdv2009.0.i586.rpm
53b0c3bb0e810c59d6eaef6e042da0b8 2009.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-22.b22.2mdv2009.0.i586.rpm
7f943009d100860baac42203568e6ac4 2009.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-22.b22.2mdv2009.0.i586.rpm
bc5eeeefc469ffa521ed38987498336b 2009.0/i586/java-1.6.0-openjdk-src-1.6.0.0-22.b22.2mdv2009.0.i586.rpm
48be307c53c6eecca3f3dc1490f229d9 2009.0/i586/libxrender1-0.9.6-0.1mdv2009.0.i586.rpm
554c86426aeec975f3a50c18c96adadc 2009.0/i586/libxrender-devel-0.9.6-0.1mdv2009.0.i586.rpm
e07e83effc61bde329ea7e224460a327 2009.0/i586/libxrender-static-devel-0.9.6-0.1mdv2009.0.i586.rpm
508b185fd12ecc76467b49f24d7b2217 2009.0/SRPMS/icedtea-web-1.0.4-0.2mdv2009.0.src.rpm
6af1f5671e368bd1b4c58dd16ea0017c 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2009.0.src.rpm
54be43c2618facb1d935cb520aefa833 2009.0/SRPMS/libxrender-0.9.6-0.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
ae9f928190ede8942ac1aff89fe2f463 2009.0/x86_64/icedtea-web-1.0.4-0.2mdv2009.0.x86_64.rpm
fa2141bfeb38567d55713e1cc0d0cebf 2009.0/x86_64/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2009.0.x86_64.rpm
174eaeed97f7b861138ae96c9b5d8993 2009.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-22.b22.2mdv2009.0.x86_64.rpm
6db525e9a731a01eefe9ffeb61d3add0 2009.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-22.b22.2mdv2009.0.x86_64.rpm
f0c543aea5e2073b58f3a09d8081e785 2009.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-22.b22.2mdv2009.0.x86_64.rpm
dea21aca839de0d21601887308449b32 2009.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-22.b22.2mdv2009.0.x86_64.rpm
5dc2eadd81004cc5aa1644521b9e40af 2009.0/x86_64/lib64xrender1-0.9.6-0.1mdv2009.0.x86_64.rpm
001c4afe613fa6dcc317cf71896be57b 2009.0/x86_64/lib64xrender-devel-0.9.6-0.1mdv2009.0.x86_64.rpm
5539885e9c91f5114dec2476df3b4cc6 2009.0/x86_64/lib64xrender-static-devel-0.9.6-0.1mdv2009.0.x86_64.rpm
508b185fd12ecc76467b49f24d7b2217 2009.0/SRPMS/icedtea-web-1.0.4-0.2mdv2009.0.src.rpm
6af1f5671e368bd1b4c58dd16ea0017c 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2009.0.src.rpm
54be43c2618facb1d935cb520aefa833 2009.0/SRPMS/libxrender-0.9.6-0.1mdv2009.0.src.rpm

Mandriva Linux 2010.1:
af7f9f7275e503319c42604e44a93f78 2010.1/i586/icedtea-web-1.0.4-0.2mdv2010.2.i586.rpm
235712e4b1e878607715ad1e2a2fc6e7 2010.1/i586/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2010.2.i586.rpm
cb738210a1d89e1d7a6f35e7c711ab10 2010.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-22.b22.2mdv2010.2.i586.rpm
8a426eac6eb9787a15b9cd0a69a3d415 2010.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-22.b22.2mdv2010.2.i586.rpm
f452545a878a69df9d7bbf26f17e009e 2010.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-22.b22.2mdv2010.2.i586.rpm
9e7ed926eadbd1be9a371627fb5e7cbc 2010.1/i586/java-1.6.0-openjdk-src-1.6.0.0-22.b22.2mdv2010.2.i586.rpm
0c235232aa7bc5ed98c459c7a8538acf 2010.1/i586/libxrender1-0.9.6-0.1mdv2010.2.i586.rpm
6bc3d56a7395063f4cb7bd3de9744ff2 2010.1/i586/libxrender-devel-0.9.6-0.1mdv2010.2.i586.rpm
78dae2ae6305cb11b9938fd9470c87a8 2010.1/i586/libxrender-static-devel-0.9.6-0.1mdv2010.2.i586.rpm
ee8f5afeb5896a84ccb4459c47ed1b11 2010.1/SRPMS/icedtea-web-1.0.4-0.2mdv2010.2.src.rpm
ee1ed4d0bd5e2754464df0597b8a55aa 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2010.2.src.rpm
55b0784e0c2b42114998cf694ef1fb02 2010.1/SRPMS/libxrender-0.9.6-0.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
0bd89ff2c5ddcc783092e8dcc9acaec1 2010.1/x86_64/icedtea-web-1.0.4-0.2mdv2010.2.x86_64.rpm
93172eb2586f4f3dbae66d0abaf88c81 2010.1/x86_64/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2010.2.x86_64.rpm
967c5bb38487820b259d192aefbcb9e6 2010.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-22.b22.2mdv2010.2.x86_64.rpm
8676fc951ad6ec322579db64714b1486 2010.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-22.b22.2mdv2010.2.x86_64.rpm
caf43f0f0225dc5c903317a022e38a69 2010.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-22.b22.2mdv2010.2.x86_64.rpm
6bed48be7d85aec169b7860da60f400b 2010.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-22.b22.2mdv2010.2.x86_64.rpm
0bf576b059af48591c95fc9364c86083 2010.1/x86_64/lib64xrender1-0.9.6-0.1mdv2010.2.x86_64.rpm
af28d32a7d64d44d96c73ee784fbb725 2010.1/x86_64/lib64xrender-devel-0.9.6-0.1mdv2010.2.x86_64.rpm
a0dbb140973cdb9d57fc04c3a4c69126 2010.1/x86_64/lib64xrender-static-devel-0.9.6-0.1mdv2010.2.x86_64.rpm
ee8f5afeb5896a84ccb4459c47ed1b11 2010.1/SRPMS/icedtea-web-1.0.4-0.2mdv2010.2.src.rpm
ee1ed4d0bd5e2754464df0597b8a55aa 2010.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdv2010.2.src.rpm
55b0784e0c2b42114998cf694ef1fb02 2010.1/SRPMS/libxrender-0.9.6-0.1mdv2010.2.src.rpm

Mandriva Enterprise Server 5:
804975906b9a7af0dd528a2cfdb16ac6 mes5/i586/icedtea-web-1.0.4-0.2mdvmes5.2.i586.rpm
4bc3bd160048659e0e29008b51a9023a mes5/i586/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdvmes5.2.i586.rpm
c899d91a69b2dfafec9b17a7c884969b mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-22.b22.2mdvmes5.2.i586.rpm
c605a09cc06a5b85a385332cf2796725 mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-22.b22.2mdvmes5.2.i586.rpm
039af4fca1593a5b3a0d0eae0ca76692 mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-22.b22.2mdvmes5.2.i586.rpm
ec14265c03a3636a43b5c99c743b18a0 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-22.b22.2mdvmes5.2.i586.rpm
d3d1636413e0f54d2c7c349600657675 mes5/i586/libxrender1-0.9.6-0.1mdvmes5.2.i586.rpm
6adfc8948ce1f7fe3f517229db281454 mes5/i586/libxrender-devel-0.9.6-0.1mdvmes5.2.i586.rpm
f5f988a83c0a7c3713530d46fcc4a0f7 mes5/i586/libxrender-static-devel-0.9.6-0.1mdvmes5.2.i586.rpm
c7c4c75829e2d8622c2e947605a27091 mes5/SRPMS/icedtea-web-1.0.4-0.2mdvmes5.2.src.rpm
5b7a1163490afaf752c05102c23be41f mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdvmes5.2.src.rpm
709ae35d50b7155fe89a6fd2d26eb865 mes5/SRPMS/libxrender-0.9.6-0.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
f670e23a581cca291ece27139e788dc1 mes5/x86_64/icedtea-web-1.0.4-0.2mdvmes5.2.x86_64.rpm
0f3893008199b11f87d18edce4554de6 mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdvmes5.2.x86_64.rpm
6fad2efe89e7efe9387933e65e3cadd0 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-22.b22.2mdvmes5.2.x86_64.rpm
80a052ca0777874763cf1735b4f706ff mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-22.b22.2mdvmes5.2.x86_64.rpm
6990b2b5c0de9c1e2d7248a021ef0ba8 mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-22.b22.2mdvmes5.2.x86_64.rpm
4a39be86e947e6a61fb3002a130c83e1 mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-22.b22.2mdvmes5.2.x86_64.rpm
a4b0d0938c5802bf0e998c38f0f0f427 mes5/x86_64/lib64xrender1-0.9.6-0.1mdvmes5.2.x86_64.rpm
dfebaaf4394ac9f1f8a8f465784ceb63 mes5/x86_64/lib64xrender-devel-0.9.6-0.1mdvmes5.2.x86_64.rpm
2ba6d8a3903b1ff61f3494bacde1048b mes5/x86_64/lib64xrender-static-devel-0.9.6-0.1mdvmes5.2.x86_64.rpm
c7c4c75829e2d8622c2e947605a27091 mes5/SRPMS/icedtea-web-1.0.4-0.2mdvmes5.2.src.rpm
5b7a1163490afaf752c05102c23be41f mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-22.b22.2mdvmes5.2.src.rpm
709ae35d50b7155fe89a6fd2d26eb865 mes5/SRPMS/libxrender-0.9.6-0.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFOSSBxmqjQ0CJFipgRAge9AKC/zeEWPazF5pZpS7q1uKjW/Gk1bgCgtDCN
xWq7I61m6QqApgs/cRKngYg=
=HCN8
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close