Ispravljeni su višestruki nedostaci programskog paketa java-1.6.0-openjdk koje zlonamjerni korisnik može iskoristiti za zaobilaženje postavljenih ograničenja ili izvođenje DoS napada.
Paket:
java-1.6.0-openjdk
Operacijski sustavi:
CentOS
Kritičnost:
6.8
Problem:
neodgovarajuća provjera ulaznih podataka, neodgovarajuće rukovanje datotekama, pogreška u programskoj funkciji, pogreška u programskoj komponenti
CentOS Errata and Security Advisory 2012:0729 Critical
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0729.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
f6064d60ec45630845556ea2bfbf70ebbc5ea95717803eb8027128f9655bc5d3
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
bdbcde99f4db7a8f3fb1718f34af8dbe54e6c253c3a7049a23afa1f95a920494
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
6382c6a20130004aa6a3a34c39ffd61cd49ebddcb4670c8b110b5094943a76f8
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
264fed7959f4939ddc6549e33f2e37af2c6e1a9692be0055f0fb3dec03c1cc4e
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
b4d12776a4096262a4afb507186986695174aa496b0e9400aa57d500375e2eb6
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm
x86_64:
294692a655d216d9694d4689aa905751ee441fd12bdba84eb0201cb982d1364b
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
aa479002a611beb1f85db30896cc18eb93499c1ba80cd210bdb4a0f9bc2e61f5
java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
04417bda745a7af5bf82eb91ad2c522471a530822eb271ecbb6f04d29d2f8b54
java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
4023d85f98a659ffd44cafda01d52092db6a2c36624b758415d47182308c150a
java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
a73b6aeb73341c9319cbf6950b95a6a9eb3b5fd381ec0ed8949d092ea64d215f
java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm
Source:
55fecca6690cbd8855e3da09599f8de4cdb51ac812b457a5ca69a3f0ce2c0f15
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2012:0730 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0730.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
f1f34d561b7a8792c87baa365b8c476dbc16149df94ea0a932e022d474097445
java-1.6.0-openjdk-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
0cea3bb758babe5704bdf9897f07f29a96eb97c4be5ce21c618fc8d33747b04a
java-1.6.0-openjdk-demo-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
71ab34ae5c8c4d7e43a61fcfae9e10f50941cbeebc2e0fe23d82285817b21efb
java-1.6.0-openjdk-devel-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
21f4b7cbe5175549528a3dac11c505f28b7a668e9dde5ccbf17cf345cf83575b
java-1.6.0-openjdk-javadoc-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
280419ee63d45161e204fef85af031d278eb0909e9cc1bafc452b0705db7836e
java-1.6.0-openjdk-src-1.6.0.0-1.27.1.10.8.el5_8.i386.rpm
x86_64:
1b0412bd15d348d4877e0fbd9cd50e82c3e6dce631bf308f6f8858de98f7b5f2
java-1.6.0-openjdk-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
b9dcd93b7fa94e31887896710a5fa359db59f4e9718560529595b54a68153434
java-1.6.0-openjdk-demo-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
5f3e3f41f9e0f012d12d42fc238ca0c71bbebc2e50c090a104797ef9f216d723
java-1.6.0-openjdk-devel-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
9a78d0538ab735128188ea3a6aa5664db2111d94c2e8162f1acd44875c4aaa29
java-1.6.0-openjdk-javadoc-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
f5b83eb56f378bcf7dfbb99231b715455b98c0dd6c259b4373b6c5822bece004
java-1.6.0-openjdk-src-1.6.0.0-1.27.1.10.8.el5_8.x86_64.rpm
Source:
49f7df8ca0562c4a706c0553ac41c4b625a2035d21ba7a730c154d3f79c95b43
java-1.6.0-openjdk-1.6.0.0-1.27.1.10.8.el5_8.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
Posljednje sigurnosne preporuke