Gentoo Linux Security Advisory 201401-30 - Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Versions less than or equal to 1.6.0.45 are affected.
72f2aefba431a697c1d570fbb434eb79207fb4a72606cbe6c7ddb60e387613d9
HP Security Bulletin HPSBUX02784 SSRT100871 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
c8cd23f3678147e9687ce204ce5796798aa365b0cbd0273a21667ba087d2b32d
Red Hat Security Advisory 2012-0514-01 - The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit.
c68d983985bbac883534803d400c741a3bcffae537b924190a690eefdff3d8de
Red Hat Security Advisory 2012-0508-01 - The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.
86cdccdd75a2167c965a21dcf8b602ed42e2bf5e67e39de3e1dd59929dafce0e
HP Security Bulletin HPSBUX02760 SSRT100805 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
acfdae2c78ed11317e15f892b2f10a4eaa37c64d3c9e0846dbb5792aa6d01b95
HP Security Bulletin HPSBUX02757 SSRT100779 2 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 2 of this advisory.
c5a0e87798a83e3a26479d57dc941d9529228666687065183c587e8f64dae163
Apple Security Advisory 2012-04-03-1 - Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 is now available. It addresses multiple vulnerabilities that exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.
9b2491e0649107046854a66362922281cb8a88f0446d805f1131dd3c839681ab
Ubuntu Security Notice 1373-2 - USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM (armel). This provides the corresponding OpenJDK 6 update for use with the ARM (armel) architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04.
d63f63cce13067e86594d7b41cc4fcfc48a0a4fe97f8a49fdbb9d9b6da4a1a42
Debian Linux Security Advisory 2420-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform.
fa1b83bdce1c8a57ecb30bfd91b17d3c396d3e17e373a4a5a9bbff32d14720f2
Ubuntu Security Notice 1373-1 - It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. Various other issues were also addressed.
f5d1680ea07c3d083ccb24ffe7ffae199ba83aed9e742267a6ecfcda91111e3c
Red Hat Security Advisory 2012-0322-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions. It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.
a47b8edfd1d4bed1bde89335a2a2494f395ff12d9652b721790b470340985519
Mandriva Linux Security Advisory 2012-021 - Multiple security issues were identified and fixed in OpenJDK (icedtea6). The updated packages provides icedtea6-1.10.6 which is not vulnerable to these issues.
5b2fd88e8a9ff6a537fe564785369fae1a0e6c2783336b7003b1192898240b20
PRE-CERT Security Advisory - The function countCENHeaders() in zip_util.c of the java.util.zip implementation contains an off-by-one bug. The bug can be exploited via corrupted ZIP files to cause an endless recursion. The endless recursion results in a segmentation fault of the JVM. Oracle Java SE and IcedTea6 have multiple affected versions.
b5f37a7f307a6f81bd2dc8df66689823d138dc57ed9df9c9fb504453144b4fc0
Red Hat Security Advisory 2012-0139-01 - The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 31 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect.
59b1b1771497372d96df83e9b666267326a847cc6eb7bd98422eeda63449205d
Red Hat Security Advisory 2012-0135-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions. It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.
03a52258048d18b15e6ac5ca0a3669a39f7dda305c6e46f2a57b7e2a22041bd8