MGASA-2012-0122
| Date: | June 20th, 2012 |
| Affected releases: | 2 |
Description:
Updated java-1.7.0-openjdk packages fix security vulnerabilities:
Multiple flaws were discovered in the CORBA (Common Object Request
Broker Architecture) implementation in Java. A malicious Java
application or applet could use these flaws to bypass Java sandbox
restrictions or modify immutable object data (CVE-2012-1711,
CVE-2012-1719).
It was discovered that the SynthLookAndFeel class from Swing did
not properly prevent access to certain UI elements from outside
the current application context. A malicious Java application or
applet could use this flaw to crash the Java Virtual Machine, or
bypass Java sandbox restrictions (CVE-2012-1716).
Multiple flaws were discovered in the font manager's layout lookup
implementation. A specially-crafted font file could cause the Java
Virtual Machine to crash or, possibly, execute arbitrary code with
the privileges of the user running the virtual machine (CVE-2012-1713).
Multiple flaws were found in the way the Java HotSpot Virtual
Machine verified the bytecode of the class file to be executed. A
specially-crafted Java application or applet could use these flaws
to crash the Java Virtual Machine, or bypass Java sandbox
restrictions (CVE-2012-1723, CVE-2012-1725).
It was discovered that the Java XML parser did not properly handle
certain XML documents. An attacker able to make a Java application
parse a specially-crafted XML file could use this flaw to make the
XML parser enter an infinite loop (CVE-2012-1724).
It was discovered that the Java security classes did not properly
handle Certificate Revocation Lists (CRL). CRL containing entries
with duplicate certificate serial numbers could have been ignored
(CVE-2012-1718).
It was discovered that various classes of the Java Runtime library
could create temporary files with insecure permissions. A local
attacker could use this flaw to gain access to the content of such
temporary files (CVE-2012-1717).
It was discovered that java.lang.invoke.MethodHandles.Lookup did not
properly honor access modes. An untrusted Java application or applet
could use this flaw to bypass Java sandbox restrictions (CVE-2012-1726).
The package has been updated to IcedTea-2.2.1, which is not
vulnerable to these issues.
Updated Packages:
java-1.7.0-openjdk-1.7.0.3-2.2.1.0.2.mga2
java-1.7.0-openjdk-demo-1.7.0.3-2.2.1.0.2.mga2
java-1.7.0-openjdk-devel-1.7.0.3-2.2.1.0.2.mga2
java-1.7.0-openjdk-javadoc-1.7.0.3-2.2.1.0.2.mga2
java-1.7.0-openjdk-src-1.7.0.3-2.2.1.0.2.mga2
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1711
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1716
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1717
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1723
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1724
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1725
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1726
https://bugzilla.redhat.com/show_bug.cgi?id=829377
http://blog.fuseyism.com/index.php/2012/06/13/security-icedtea-2-1-1-2-2-1-released/
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
https://rhn.redhat.com/errata/RHSA-2012-0729.html
https://bugs.mageia.org/show_bug.cgi?id=6450
