RHSA-2014:0685High

Red Hat Security Advisory: java-1.6.0-openjdk security update

Published
June 10, 2014
Last Modified
June 27, 2026

🔗 CVE IDs covered (19)

📋 Description

CVE-2014-0429 — OpenJDK: Incorrect mlib/raster image validation (2D, 8027841) CVE-2014-0446 — OpenJDK: Protect logger handlers (Libraries, 8029740) CVE-2014-0451 — OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797) CVE-2014-0452 — OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801) CVE-2014-0453 — OpenJDK: RSA unpadding timing issues (Security, 8027766) CVE-2014-0456 — OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858) CVE-2014-0457 — OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394) CVE-2014-0458 — OpenJDK: Activation framework default command map caching (JAX-WS, 8025152) CVE-2014-0460 — OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731) CVE-2014-0461 — OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794) CVE-2014-1876 — OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618) CVE-2014-2397 — OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926) CVE-2014-2398 — OpenJDK: insufficient escaping of window title string (Javadoc, 8026736) CVE-2014-2403 — OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282) CVE-2014-2412 — OpenJDK: AWT thread context handling (AWT, 8025010) CVE-2014-2414 — OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030) CVE-2014-2421 — OpenJDK: JPEG decoder input stream handling (2D, 8029854) CVE-2014-2423 — OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188) CVE-2014-2427 — OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163)

🔗 References (22)