java security update

2016-03-25T04:16:25
ID CESA-2016:0513
Type centos
Reporter CentOS Project
Modified 2016-03-25T04:16:25

Description

CentOS Errata and Security Advisory CESA-2016:0513

The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit (OpenJDK), OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8.

Security Fix(es):

  • An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2016-March/021778.html

Affected packages: java-1.8.0-openjdk java-1.8.0-openjdk-accessibility java-1.8.0-openjdk-accessibility-debug java-1.8.0-openjdk-debug java-1.8.0-openjdk-demo java-1.8.0-openjdk-demo-debug java-1.8.0-openjdk-devel java-1.8.0-openjdk-devel-debug java-1.8.0-openjdk-headless java-1.8.0-openjdk-headless-debug java-1.8.0-openjdk-javadoc java-1.8.0-openjdk-javadoc-debug java-1.8.0-openjdk-src java-1.8.0-openjdk-src-debug

Upstream details at: https://rhn.redhat.com/errata/RHSA-2016-0513.html