RHSA-2012:0006Critical
Red Hat Security Advisory: java-1.4.2-ibm security update
🔗 CVE IDs covered (9)
📋 Description
CVE-2011-3389 — HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) CVE-2011-3545 — JDK: unspecified vulnerability fixed in 6u29 (Sound) CVE-2011-3547 — OpenJDK: InputStream skip() information leak (Networking/IO, 7000600) CVE-2011-3548 — OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773) CVE-2011-3549 — JDK: unspecified vulnerability fixed in 6u29 (Swing) CVE-2011-3552 — OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417) CVE-2011-3556 — OpenJDK: RMI DGC server remote code execution (RMI, 7077466) CVE-2011-3557 — OpenJDK: RMI registry privileged code execution (RMI, 7083012) CVE-2011-3560 — OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2012:0006
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttp://www.ibm.com/developerworks/java/jdk/alerts/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=737506
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745379
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745387
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745397
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745459
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745464
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745473
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747191
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747198
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0006.json