Red Hat Security Advisory: java-1.6.0-openjdk security update
🔗 CVE IDs covered (14)
📋 Description
CVE-2013-4578 — OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars CVE-2013-5878 — OpenJDK: null xmlns handling issue (Security, 8025026) CVE-2013-5884 — OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193) CVE-2013-5896 — OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022) CVE-2013-5907 — ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034) CVE-2013-5910 — OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417) CVE-2014-0368 — OpenJDK: insufficient Socket checkListen checks (Networking, 8011786) CVE-2014-0373 — OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126) CVE-2014-0376 — OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018) CVE-2014-0411 — OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069) CVE-2014-0416 — OpenJDK: insecure subject principals set handling (JAAS, 8024306) CVE-2014-0422 — OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758) CVE-2014-0423 — OpenJDK: XXE issue in decoder (Beans, 8023245) CVE-2014-0428 — OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2014:0097
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1051519
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1051528
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1051699
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1051823
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1051911
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1051912
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1051923
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1052915
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1052919
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1052942
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1053010
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1053066
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1053266
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0097.json