Red Hat Security Advisory: java-1.6.0-sun security update
🔗 CVE IDs covered (14)
📋 Description
CVE-2014-3566 — SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack CVE-2014-6585 — ICU: font parsing OOB read (OpenJDK 2D, 8055489) CVE-2014-6587 — OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) CVE-2014-6591 — ICU: font parsing OOB read (OpenJDK 2D, 8056276) CVE-2014-6593 — OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555) CVE-2014-6601 — OpenJDK: class verifier insufficient invokespecial calls verification (Hotspot, 8058982) CVE-2015-0383 — OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807) CVE-2015-0395 — OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125) CVE-2015-0403 — JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment) CVE-2015-0406 — JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment) CVE-2015-0407 — OpenJDK: directory information leak via file chooser (Swing, 8055304) CVE-2015-0408 — OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309) CVE-2015-0410 — OpenJDK: DER decoder infinite loop (Security, 8059485) CVE-2015-0412 — OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)
🔗 References (19)
- selfhttps://access.redhat.com/errata/RHSA-2015:0086
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1152789#c82
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1123870
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1152789
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183020
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183021
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183023
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183031
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183043
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183044
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183049
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183645
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183646
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1183715
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1184275
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1184277
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0086.json