MGASA-2012-0252
Date: | September 4th, 2012 |
Affected releases: | 1, 2 |
Description:
Updated java-1.6.0-openjdk packages fix security vulnerabilities:
IcedTea6 has been updated to versions 1.10.9 and 1.11.4, which fix an
XMLDecoder security issue via ClassFinder (CVE-2012-1682) and an issue
with AWT internals references (CVE-2012-0547), along with other bugs.
Updated Packages:
Mageia 1:
java-1.6.0-openjdk-1.6.0.0-29.b22.1.mga1
java-1.6.0-openjdk-devel-1.6.0.0-29.b22.1.mga1
java-1.6.0-openjdk-demo-1.6.0.0-29.b22.1.mga1
java-1.6.0-openjdk-src-1.6.0.0-29.b22.1.mga1
java-1.6.0-openjdk-javadoc-1.6.0.0-29.b22.1.mga1
Mageia 2:
java-1.6.0-openjdk-1.6.0.0-34.b24.1.mga2
java-1.6.0-openjdk-devel-1.6.0.0-34.b24.1.mga2
java-1.6.0-openjdk-demo-1.6.0.0-34.b24.1.mga2
java-1.6.0-openjdk-src-1.6.0.0-34.b24.1.mga2
java-1.6.0-openjdk-javadoc-1.6.0.0-34.b24.1.mga2
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-0547
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1682
http://blog.fuseyism.com/index.php/2012/08/31/security-icedtea6-1-10-9-1-11-4-icedtea-2-3-2-released/
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
https://bugs.mageia.org/show_bug.cgi?id=7279