Mailinglist Archive: opensuse-updates (72 mails)

< Previous Next >
openSUSE-SU-2010:0553-1 (moderate): java-1_6_0-openjdk security update
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Thu, 26 Aug 2010 17:08:09 +0200 (CEST)
  • Message-id: <20100826150809.49E6EBE29@xxxxxxxxxxxxxx>
openSUSE Security Update: java-1_6_0-openjdk security update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0553-1
Rating: moderate
References: #623905
Cross-References: CVE-2010-2548 CVE-2010-2783
Affected Products:
openSUSE 11.3
openSUSE 11.2
openSUSE 11.1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

icedtea included in java-1_6_0-openjdk was updated to
version 1.8.1 which fixes two security issues:

CVE-2010-2783: IcedTea 'Extended JNLP Services' arbitrary
file access CVE-2010-2548: IcedTea Incomplete property
access check for unsigned applications

The new version also fixes many non-security bugs. For
details please see
http://blog.fuseyism.com/index.php/2010/07/28/icedtea6-181-r
eleased/


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.3:

zypper in -t patch java-1_6_0-openjdk-3003

- openSUSE 11.2:

zypper in -t patch java-1_6_0-openjdk-3003

- openSUSE 11.1:

zypper in -t patch java-1_6_0-openjdk-3003

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.3 (i586 x86_64):

java-1_6_0-openjdk-1.6.0.0_b18-1.1.5
java-1_6_0-openjdk-devel-1.6.0.0_b18-1.1.5
java-1_6_0-openjdk-plugin-1.6.0.0_b18-1.1.5

- openSUSE 11.3 (noarch):

java-1_6_0-openjdk-demo-1.6.0.0_b18-1.1.5
java-1_6_0-openjdk-javadoc-1.6.0.0_b18-1.1.5
java-1_6_0-openjdk-src-1.6.0.0_b18-1.1.5

- openSUSE 11.2 (i586 x86_64):

java-1_6_0-openjdk-1.6.0.0_b18-1.1.3
java-1_6_0-openjdk-devel-1.6.0.0_b18-1.1.3
java-1_6_0-openjdk-plugin-1.6.0.0_b18-1.1.3

- openSUSE 11.2 (noarch):

java-1_6_0-openjdk-demo-1.6.0.0_b18-1.1.3
java-1_6_0-openjdk-javadoc-1.6.0.0_b18-1.1.3
java-1_6_0-openjdk-src-1.6.0.0_b18-1.1.3

- openSUSE 11.1 (i586 ppc x86_64):

java-1_6_0-openjdk-1.6.0.0_b18-1.2.3
java-1_6_0-openjdk-demo-1.6.0.0_b18-1.2.3
java-1_6_0-openjdk-devel-1.6.0.0_b18-1.2.3
java-1_6_0-openjdk-javadoc-1.6.0.0_b18-1.2.3
java-1_6_0-openjdk-plugin-1.6.0.0_b18-1.2.3
java-1_6_0-openjdk-src-1.6.0.0_b18-1.2.3


References:

http://support.novell.com/security/cve/CVE-2010-2548.html
http://support.novell.com/security/cve/CVE-2010-2783.html
https://bugzilla.novell.com/623905


< Previous Next >
This Thread
  • No further messages