java-1.6.0-openjdk security update

2011-06-08T00:00:00
ID ELSA-2011-0857
Type oraclelinux
Reporter Oracle
Modified 2011-06-08T00:00:00

Description

[1:1.6.0.0-1.22.1.9.8.0.1.el5_6] - Add oracle-enterprise.patch [1:1.6.0.0-1.22.1.9.8] - Resolves: rhbz#668488 - Bumped to IcedTea6 1.9.8 - RH706250, S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) - RH706106, S6618658, CVE-2011-0865: Vulnerability in deserialization - RH706111, S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() - RH706139, S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code - RH706153, S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings - RH706234, S7013971, CVE-2011-0869: Vulnerability in SAAJ - RH706239, S7016340, CVE-2011-0870: Vulnerability in SAAJ - RH706241, S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero - RH706248, S7020198, CVE-2011-0871: ImageIcon creates Component with null acc - RH706245, S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables [1:1.6.0.0-1.22.1.9.7] - Resolves bz690289 - Import from RHEL-5_6-Z - Updated to IcedTea6 1.9.7 - Removed all plugin/webstart related commented lines - Modified bz entry format in previous logs to get around cvs ack checking bug