(RHSA-2013:0165) Important: java-1.7.0-openjdk security update

These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.

Two improper permission check issues were discovered in the reflection API
in OpenJDK. An untrusted Java application or applet could use these flaws
to bypass Java sandbox restrictions. (CVE-2012-3174, CVE-2013-0422)

This erratum also upgrades the OpenJDK package to IcedTea7 2.3.4. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.