Red Hat Security Advisory: java-1.6.0-ibm security update
🔗 CVE IDs covered (18)
📋 Description
CVE-2011-3389 — HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) CVE-2011-3516 — JDK: unspecified vulnerability fixed in 6u29 (Deployment) CVE-2011-3521 — OpenJDK: IIOP deserialization code execution (Deserialization, 7055902) CVE-2011-3544 — OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823) CVE-2011-3545 — JDK: unspecified vulnerability fixed in 6u29 (Sound) CVE-2011-3546 — JDK: unspecified vulnerability fixed in 6u29 (Deployment) CVE-2011-3547 — OpenJDK: InputStream skip() information leak (Networking/IO, 7000600) CVE-2011-3548 — OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773) CVE-2011-3549 — JDK: unspecified vulnerability fixed in 6u29 (Swing) CVE-2011-3550 — JDK: unspecified vulnerability fixed in 6u29 (AWT) CVE-2011-3551 — OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640) CVE-2011-3552 — OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417) CVE-2011-3553 — OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794) CVE-2011-3554 — OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857) CVE-2011-3556 — OpenJDK: RMI DGC server remote code execution (RMI, 7077466) CVE-2011-3557 — OpenJDK: RMI registry privileged code execution (RMI, 7083012) CVE-2011-3560 — OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936) CVE-2011-3561 — JDK: unspecified vulnerability fixed in 6u29 (Deployment)
🔗 References (22)
- selfhttps://access.redhat.com/errata/RHSA-2012:0034
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttp://www.ibm.com/developerworks/java/jdk/alerts/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=737506
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745379
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745387
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745391
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745397
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745399
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745442
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745447
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745459
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745464
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745473
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745476
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747191
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747198
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747200
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747203
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747205
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=747208
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0034.json