SuseSUSE-SU-2013:0315-1Security update for Java 1.6.0 (important)
0.093 Low
EPSS
Percentile
94.1%
java-1_6_0-openjdk based on Icedtea6-1.12.2 was released,
fixing various security issues:
New in release 1.12.2 (2012-02-03):
Security fixes
o S6563318, CVE-2013-0424: RMI data sanitization
o S6664509, CVE-2013-0425: Add logging context o S6664528,
CVE-2013-0426: Find log level matching its name or value
given at construction time o S6776941: CVE-2013-0427:
Improve thread pool shutdown o S7141694, CVE-2013-0429:
Improving CORBA internals o S7173145: Improve in-memory
representation of splashscreens o S7186945: Unpack200
improvement o S7186946: Refine unpacker resource usage o
S7186948: Improve Swing data validation o S7186952,
CVE-2013-0432: Improve clipboard access o S7186954: Improve
connection performance o S7186957: Improve Pack200 data
validation o S7192392, CVE-2013-0443: Better validation of
client keys o S7192393, CVE-2013-0440: Better Checking of
order of TLS Messages o S7192977, CVE-2013-0442: Issue in
toolkit thread o S7197546, CVE-2013-0428: (proxy) Reflect
about creating reflective proxies o S7200491: Tighten up
JTable layout code o S7200500: Launcher better input
validation o S7201064: Better dialogue checking o S7201066,
CVE-2013-0441: Change modifiers on unused fields o
S7201068, CVE-2013-0435: Better handling of UI elements o
S7201070: Serialization to conform to protocol o S7201071,
CVE-2013-0433: InetSocketAddress serialization issue o
S8000210: Improve JarFile code quality o S8000537,
CVE-2013-0450: Contextualize RequiredModelMBean class o
S8000540, CVE-2013-1475: Improve IIOP type reuse management
o S8000631, CVE-2013-1476: Restrict access to class
constructor o S8001235, CVE-2013-0434: Improve JAXP HTTP
handling o S8001242: Improve RMI HTTP conformance o
S8001307: Modify ACC_SUPER behavior o S8001972,
CVE-2013-1478: Improve image processing o S8002325,
CVE-2013-1480: Improve management of images
*
Backports
o S7010849: 5/5 Extraneous javac source/target
options when building sa-jdi o S8004341: Two JCK tests
fails with 7u11 b06 o S8005615: Java Logger fails to load
tomcat logger implementation (JULI)
*
Bug fixes
o PR1297: cacao and jamvm parallel unpack
failures o PR1301: PR1171 causes builds of Zero to fail
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| SUSE Linux Enterprise Desktop | 11.2 | x86_64 | java-1_6_0-openjdk-devel | < 1.6.0.0_b27.1.12.2-0.2.1 | java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.2-0.2.1.x86_64.rpm |
| SUSE Linux Enterprise Desktop | 11.2 | i586 | java-1_6_0-openjdk-devel | < 1.6.0.0_b27.1.12.2-0.2.1 | java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.2-0.2.1.i586.rpm |
| SUSE Linux Enterprise Desktop | 11.2 | i586 | java-1_6_0-openjdk | < 1.6.0.0_b27.1.12.2-0.2.1 | java-1_6_0-openjdk-1.6.0.0_b27.1.12.2-0.2.1.i586.rpm |
| SUSE Linux Enterprise Desktop | 11.2 | x86_64 | java-1_6_0-openjdk | < 1.6.0.0_b27.1.12.2-0.2.1 | java-1_6_0-openjdk-1.6.0.0_b27.1.12.2-0.2.1.x86_64.rpm |
| SUSE Linux Enterprise Desktop | 11.2 | x86_64 | java-1_6_0-openjdk-demo | < 1.6.0.0_b27.1.12.2-0.2.1 | java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.2-0.2.1.x86_64.rpm |
| SUSE Linux Enterprise Desktop | 11.2 | i586 | java-1_6_0-openjdk-demo | < 1.6.0.0_b27.1.12.2-0.2.1 | java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.2-0.2.1.i586.rpm |
Related
