Red Hat Security Advisory: java-1.5.0-ibm security update
🔗 CVE IDs covered (12)
📋 Description
CVE-2011-3389 — HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) CVE-2011-3557 — OpenJDK: RMI registry privileged code execution (RMI, 7083012) CVE-2011-3560 — OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936) CVE-2011-3563 — OpenJDK: JavaSound incorrect bounds check (Sound, 7088367) CVE-2012-0498 — JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) CVE-2012-0499 — JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) CVE-2012-0501 — OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283) CVE-2012-0502 — OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683) CVE-2012-0503 — OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687) CVE-2012-0505 — OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700) CVE-2012-0506 — OpenJDK: mutable repository identifiers (CORBA, 7110704) CVE-2012-0507 — OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2012:0508
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttp://www.ibm.com/developerworks/java/jdk/alerts/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=737506
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745379
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=745464
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=788624
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=788976
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=788994
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=789295
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=789297
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=789299
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=789300
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=790720
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=790722
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0508.json