(RHSA-2014:0902) Critical: java-1.7.0-oracle security update

2014-07-1801:28:56

access.redhat.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.565 Medium

EPSS

Percentile

97.2%

JSON

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2014-4219, CVE-2014-2490, CVE-2014-4216, CVE-2014-4223, CVE-2014-4262,
CVE-2014-2483, CVE-2014-4209, CVE-2014-4218, CVE-2014-4252, CVE-2014-4266,
CVE-2014-4221, CVE-2014-4244, CVE-2014-4263, CVE-2014-4227, CVE-2014-4265,
CVE-2014-4220, CVE-2014-4208, CVE-2014-4264)

The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat
Product Security.

Note: The way in which the Oracle Java SE packages are delivered has
changed. They now reside in a separate channel/repository that requires
action from the user to perform prior to getting updated packages.
For information on subscribing to the new channel/repository please refer
to: https://access.redhat.com/solutions/732883

All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 65 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64java-1.7.0-oracle-plugin< 1.7.0.65-1jpp.1.el7java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el7.x86_64.rpm
RedHat5x86_64java-1.7.0-oracle-plugin< 1.7.0.65-1jpp.2.el5_10java-1.7.0-oracle-plugin-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
RedHat6x86_64java-1.7.0-oracle-devel< 1.7.0.65-1jpp.1.el6_5java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
RedHat6x86_64java-1.7.0-oracle-javafx< 1.7.0.65-1jpp.1.el6_5java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
RedHat5i386java-1.7.0-oracle-devel< 1.7.0.65-1jpp.2.el5_10java-1.7.0-oracle-devel-1.7.0.65-1jpp.2.el5_10.i386.rpm
RedHat5i386java-1.7.0-oracle< 1.7.0.65-1jpp.2.el5_10java-1.7.0-oracle-1.7.0.65-1jpp.2.el5_10.i386.rpm
RedHat6i686java-1.7.0-oracle-javafx< 1.7.0.65-1jpp.1.el6_5java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.i686.rpm
RedHat6x86_64java-1.7.0-oracle-jdbc< 1.7.0.65-1jpp.1.el6_5java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
RedHat6i686java-1.7.0-oracle-devel< 1.7.0.65-1jpp.1.el6_5java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.i686.rpm
RedHat7i686java-1.7.0-oracle-devel< 1.7.0.65-1jpp.1.el7java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.i686.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	x86_64	java-1.7.0-oracle-plugin	< 1.7.0.65-1jpp.1.el7	java-1.7.0-oracle-plugin-1.7.0.65-1jpp.1.el7.x86_64.rpm
RedHat	5	x86_64	java-1.7.0-oracle-plugin	< 1.7.0.65-1jpp.2.el5_10	java-1.7.0-oracle-plugin-1.7.0.65-1jpp.2.el5_10.x86_64.rpm
RedHat	6	x86_64	java-1.7.0-oracle-devel	< 1.7.0.65-1jpp.1.el6_5	java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
RedHat	6	x86_64	java-1.7.0-oracle-javafx	< 1.7.0.65-1jpp.1.el6_5	java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
RedHat	5	i386	java-1.7.0-oracle-devel	< 1.7.0.65-1jpp.2.el5_10	java-1.7.0-oracle-devel-1.7.0.65-1jpp.2.el5_10.i386.rpm
RedHat	5	i386	java-1.7.0-oracle	< 1.7.0.65-1jpp.2.el5_10	java-1.7.0-oracle-1.7.0.65-1jpp.2.el5_10.i386.rpm
RedHat	6	i686	java-1.7.0-oracle-javafx	< 1.7.0.65-1jpp.1.el6_5	java-1.7.0-oracle-javafx-1.7.0.65-1jpp.1.el6_5.i686.rpm
RedHat	6	x86_64	java-1.7.0-oracle-jdbc	< 1.7.0.65-1jpp.1.el6_5	java-1.7.0-oracle-jdbc-1.7.0.65-1jpp.1.el6_5.x86_64.rpm
RedHat	6	i686	java-1.7.0-oracle-devel	< 1.7.0.65-1jpp.1.el6_5	java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el6_5.i686.rpm
RedHat	7	i686	java-1.7.0-oracle-devel	< 1.7.0.65-1jpp.1.el7	java-1.7.0-oracle-devel-1.7.0.65-1jpp.1.el7.i686.rpm