[SECURITY] Fedora 18 Update: java-1.7.0-openjdk-1.7.0.6-2.3.1.fc18.2

updates at fedoraproject.org updates at fedoraproject.org
Mon Sep 17 22:40:47 UTC 2012


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-13100
2012-09-01 16:48:40
--------------------------------------------------------------------------------

Name        : java-1.7.0-openjdk
Product     : Fedora 18
Version     : 1.7.0.6
Release     : 2.3.1.fc18.2
URL         : http://openjdk.java.net/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

--------------------------------------------------------------------------------
Update Information:

This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE.

It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681)

http://blog.fuseyism.com/index.php/2012/08/31/security-icedtea6-1-10-9-1-11-4-icedtea-2-3-2-released/
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update java-1.7.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list