Java Code, Details Released for Potential Sandbox Bypass Issue

Additional details and code demonstrating a possible security vulnerability in Java were released this morning by a Polish security research company, bringing to a head a three-week long debate between the researcher and Oracle over whether the issue is indeed a vulnerability or an allowed behavi...

SuSE 11.2 Security Update : Java (SAT Patch Number 7450)

IBM Java 1.4.2 has been updated to SR13-FP15 which fixes various critical security issues and bugs. Please see the IBM JDK Alert page for more information : http://www.ibm.com/developerworks/java/jdk/alerts/ Security issues fixed : - / CVE-2013-0443. CVE-2013-1478 / CVE-2013-1480 / CVE-2013-1476 ...

JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs...

java security update

CentOS Errata and Security Advisory CESA-2013:0603 Updated java-1.7.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...

Mac OS X : Java for Mac OS X 10.6 Update 14

The remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 14, which updates the Java version to 1.6.043. It is, therefore, affected by two security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...

Oracle Rushes Emergency Java Update to Patch McRAT Vulnerabilities

Oracle has once again released an emergency Java update to patch zero-day vulnerabilities in the browser plug-in, the fifth time it has updated the platform this year. Today’s update patches CVE-2013-1493 and CVE-2013-0809, the former was discovered last week being exploited in the wild for Java ...

java-1_6_0-openjdk: update to icedtea 1.12.3 (important)

java-160-openjdk was updated to IcedTea 1.12.3 bnc804654 containing security and bugfixes: Security fixes - S8006446: Restrict MBeanServer access CVE-2013-1486 - S8006777: Improve TLS handling of invalid messages Lucky 13 CVE-2013-0169 - S8007688: Blacklist known bad certificate issued by DigiCer...

SuSE 11.2 Security Update : Java (SAT Patch Number 7385)

java-160-openjdk has been updated to IcedTea 1.12.3 bnc804654 which contains security and bugfixes : - Security fixes - S8006446: Restrict MBeanServer access. CVE-2013-1486 - S8006777: Improve TLS handling of invalid messages Lucky 13. CVE-2013-0169 - S8007688: Blacklist known bad certificate...

java-1.6.0-openjdk security update

1:1.6.0.0-1.56.1.11.8 - Rebuild with updated sources - Resolves: rhbz911524 1:1.6.0.0-1.55.1.11.8 - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.patch - Removed mauve as deadly outdated and run on QA - jtreg kept,...

java-1.6.0-openjdk security update

1:1.6.0.0-1.35.1.11.8.0.1.el59 - Add oracle-enterprise.patch 1:1.6.0.0-1.35.1.11.8 - Rebuild with updated source tarball - Resolves: rhbz911522 1:1.6.0.0-1.34.1.11.8 - Updated to icedtea6 1.11.8 - Removed patch9 7201064.patch - Removed patch10 8005615.patch - Removed not-applied patch 6664509.pat...

Oracle Java contains multiple vulnerabilities

Overview Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java Runtime Environment JRE allows users to run Java applications in a...

java-1_6_0-openjdk: update to 1.11.5 icedtea (important)

This version upgrade to 1.11.5 fixed various security and non-security issues...

java-1.6.0-openjdk security update

1:1.6.0.0-1.50.1.11.5 - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz865045 1:1.6.0.0-1.49.1.11.5 - Updated to IcedTea6 1.11.5 - Resolves rhbzs 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 86551...

Apple Fixes Flaws, Updates Java 6 for OS X

Apple pushed out a Java update for its Snow Leopard, Lion and Mountain Lion systems Wednesday, fixing vulnerabilities Oracle tackled in last week’s emergency CVE-2012-4681 patch. Both Java for Mac OS X 10.6 Update 10 and Java for OS X 2012-005 update the Java SE 6 plugin and, in what might be a...

Mac OS X : Java for OS X 2012-005

The remote Mac OS X 10.7 or 10.8 host is running a version of Java for Mac OS X that is missing update 2012-005, which updates the Java version to 1.6.035. As such, it potentially contains two methods that do not properly restrict access to information about other classes. Specifically, the...

java-1.6.0-openjdk security update

1:1.6.0.0-1.49.1.11.4 - Updated to latest IedTea6 1.11.4 - Resolves: rhbz853345 1:1.6.0.0-1.48.1.11.3 - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz828752 1:1.6.0.0-1.47.1.11.3 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: -...

Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64

The jdk in Scientific Linux 4 and 5 is being updated from 1.5.0 to 1.6.0. This update provides some security updates, as well as several feature updates. Java code that was able to run on version 1.5.0 should be able run on the 1.6.0 version. It is recommended that you recompiled your java code o...

CentOS Update for java CESA-2012:0135 centos6

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2012:0135 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Apple Releases Java Update for OS X Lion and Mac OS X

Apple has released a Java update to address multiple vulnerabilities for the following products: Mac OS X v10.6.8 Mac OS X Server v10.6.8 OS X Lion v10.7.4 OS X Lion Server v10.7.4 These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CER...

Mac OS X : Java for OS X 2012-004

The remote Mac OS X 10.7 host is running a version of Java for Mac OS X that is missing update 2012-004, which updates the Java version to 1.6.033. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code...