RHSA-2015:0086High

Red Hat Security Advisory: java-1.6.0-sun security update

Published
January 26, 2015
Last Modified
June 27, 2026

🔗 CVE IDs covered (14)

📋 Description

CVE-2014-3566 — SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack CVE-2014-6585 — ICU: font parsing OOB read (OpenJDK 2D, 8055489) CVE-2014-6587 — OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) CVE-2014-6591 — ICU: font parsing OOB read (OpenJDK 2D, 8056276) CVE-2014-6593 — OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555) CVE-2014-6601 — OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982) CVE-2015-0383 — OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807) CVE-2015-0395 — OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125) CVE-2015-0403 — JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment) CVE-2015-0406 — JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment) CVE-2015-0407 — OpenJDK: directory information leak via file chooser (Swing, 8055304) CVE-2015-0408 — OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309) CVE-2015-0410 — OpenJDK: DER decoder infinite loop (Security, 8059485) CVE-2015-0412 — OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)

🔗 References (19)