openSUSE-SU-2010:1017-1 (important): java-1_6_0-openjdk: security update

3 Dec 2010

      openSUSE Security Update: java-1_6_0-openjdk: security update
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:1017-1
Rating:             important
References:         #656742 
Cross-References:   CVE-2010-3860
Affected Products:
                    openSUSE 11.3
                    openSUSE 11.2
                    openSUSE 11.1
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update of IcedTea fixes an information leak in System
   property via public static. (CVE-2010-3860)

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.3:

      zypper in -t patch java-1_6_0-openjdk-3618

   - openSUSE 11.2:

      zypper in -t patch java-1_6_0-openjdk-3618

   - openSUSE 11.1:

      zypper in -t patch java-1_6_0-openjdk-3618

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 11.3 (i586 x86_64):

      java-1_6_0-openjdk-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-devel-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-plugin-1.6.0.0_b20.1.9.2-0.2.1

   - openSUSE 11.3 (noarch):

      java-1_6_0-openjdk-demo-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-javadoc-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-src-1.6.0.0_b20.1.9.2-0.2.1

   - openSUSE 11.2 (i586 x86_64):

      java-1_6_0-openjdk-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-devel-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-plugin-1.6.0.0_b20.1.9.2-0.2.1

   - openSUSE 11.2 (noarch):

      java-1_6_0-openjdk-demo-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-javadoc-1.6.0.0_b20.1.9.2-0.2.1
      java-1_6_0-openjdk-src-1.6.0.0_b20.1.9.2-0.2.1

   - openSUSE 11.1 (i586 x86_64):

      java-1_6_0-openjdk-1.6.0.0_b20.1.9.2-0.1.1
      java-1_6_0-openjdk-demo-1.6.0.0_b20.1.9.2-0.1.1
      java-1_6_0-openjdk-devel-1.6.0.0_b20.1.9.2-0.1.1
      java-1_6_0-openjdk-javadoc-1.6.0.0_b20.1.9.2-0.1.1
      java-1_6_0-openjdk-plugin-1.6.0.0_b20.1.9.2-0.1.1
      java-1_6_0-openjdk-src-1.6.0.0_b20.1.9.2-0.1.1

References:

   http://support.novell.com/security/cve/CVE-2010-3860.html
   https://bugzilla.novell.com/656742

opensuse-security＠opensuse.org

tags

participants (1)