Fedora 15 : java-1.6.0-openjdk-1.6.0.0-65.1.10.8.fc15 (2012-9541)

high Nessus Plugin ID 59547

Synopsis

The remote Fedora host is missing a security update.

Description

Security fixes S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loadingIssue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC S7143872, CVE-2012-1718: Improve certificate extension processing S7145239:
Finetune package definition restriction S7152811, CVE-2012-1723:
Issues in client compiler S7157609, CVE-2012-1724: Issues with loop S7160677: missing else in fix for 7152811 S7160757, CVE-2012-1725:
Problem with hotspot/runtime_classfile Bug fixes PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358)

- Updated to IcedTea6 1.10.7

- Removed patch5

- Fixed build with GCC 4.7

- Bug fixes

- PR732: Use xsltproc for bootstrap xslt in place of Xerces/Xalan

- PR881: Sign tests (wsse.policy.basic) failures with OpenJDK6

- Specify both source and target in IT_GET_DTDTYPE_CHECK.

- PR758: [regression] javah from 6hg/b23 generates `jlong' from `private int'

- Install nss.cfg into j2re-image too.

- Backports

- S6792400: Avoid loading of Normalizer resources for simple uses

- S7103224: collision between __LEAF define in interfaceSupport.hpp and /usr/include/sys/cdefs.h with gcc

- S7140882: Don't return booleans from methods returning pointers

- Updated to IcedTea6-1.11.2

- Bug fixes

- RH789154: javac error messages no longer contain the full path to the offending file :

- PR797: Compiler error message does not display entire file name and path

- PR881: Sign tests (wsse.policy.basic) failures with OpenJDK6

- PR886: 6-1.11.1 fails to build CACAO on ppc

- Specify both source and target in IT_GET_DTDTYPE_CHECK.

- Install nss.cfg into j2re-image too.

- PR584: Don't use shared Eden in incremental mode.

- Backports

- S6792400: Avoid loading of Normalizer resources for simple uses

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected java-1.6.0-openjdk package.

See Also

http://www.nessus.org/u?25dfbf6c

Plugin Details

Severity: High

ID: 59547

File Name: fedora_2012-9541.nasl

Version: 1.13

Type: local

Agent: unix

Published: 6/18/2012

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk, cpe:/o:fedoraproject:fedora:15

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 6/15/2012

Reference Information

FEDORA: 2012-9541