Red Hat Security Advisory: java-1.5.0-ibm security update
🔗 CVE IDs covered (14)
📋 Description
CVE-2013-6629 — libjpeg: information leak (read of uninitialized memory) CVE-2014-0429 — OpenJDK: Incorrect mlib/raster image validation (2D, 8027841) CVE-2014-0446 — OpenJDK: Protect logger handlers (Libraries, 8029740) CVE-2014-0451 — OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797) CVE-2014-0453 — OpenJDK: RSA unpadding timing issues (Security, 8027766) CVE-2014-0457 — OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394) CVE-2014-0460 — OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731) CVE-2014-0878 — JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers CVE-2014-1876 — OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618) CVE-2014-2398 — OpenJDK: insufficient escaping of window title string (Javadoc, 8026736) CVE-2014-2401 — JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D) CVE-2014-2412 — OpenJDK: AWT thread context handling (AWT, 8025010) CVE-2014-2421 — OpenJDK: JPEG decoder input stream handling (2D, 8029854) CVE-2014-2427 — OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)
🔗 References (17)
- selfhttps://access.redhat.com/errata/RHSA-2014:0509
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://www.ibm.com/developerworks/java/jdk/alerts/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1031734
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1060907
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1086632
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1086645
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087409
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087411
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087417
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087427
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087428
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087439
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087441
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1087442
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1088030
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0509.json