U radu programskih paketa java-1.6.0-openjdk i java-1.7.0-openjdk uočeni su propusti koje zlonamjerni korisnici mogu iskoristiti za zaobilaženje Java sandbox ograničenja.
Paket:
java-1.6.0-openjdk , java-1.7.0-openjdk
Operacijski sustavi:
CentOS
Problem:
nepravilno rukovanje ovlastima, nespecificirana pogreška, pogreška u programskoj komponenti
CentOS Errata and Security Advisory 2012:1221 Critical
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1221.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
6c75ff9d48c096fa7b78bbf3f6d67937aa3d48777194f74d314c1d1ad0fcc62c
java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
5b95328885583e5e69bfabc5f27797583b9fdbb47dd5fa5e541d9bde31318801
java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
0119b805901d9344426d973a1bd77da13002354cf1f091f2f4a94c45e1ad17bd
java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
a4a2630a5007972874ae6dbc10522a1ce8602352bc531e740d2f2a921820e8e1
java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
acca3275c347a7e738db0756a9b7b9340612958d72cbf93f9c36dac6c7757973
java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
x86_64:
df906a20948fc625926989f3d03f42d5628129ad47ea59eaa9c546896346c7e3
java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
981ed048849bc576743c73d978331ec1c3e45e5fb6a05319bbc5cd4520aa5ca1
java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
263ae33b51a30827ff98c868a595515e1517e45348c821213f89d77dd8e2c787
java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
6d4080e3c8e7e121fa933bc15ba3d39669e70d752a28a1f3801e237bd9ab16db
java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
0772cac395f48052b06c32c98e7805ad321082c5ae054167ae18589c76bc5a83
java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
Source:
a5ccb6965085f3af104b7e8d5203c371f70e3e358c5b5a9f10fb90f731aa4c26
java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2012:1223 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1223.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
40bed4840d6570db1175d265b941d4f7f7d0eb1a91a809b2aad90558b3d348a4
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm
1769a1d9de30ec1586c195c120c09cc7f1350940db72e61fe7ad6a027680b4ec
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
b77eebe55882a621adcb2aceb079c79b339cf240bf2260b3f3f10f71b24ebcb0
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm
85516034a5b9506aee3f03dbb0b6c1487f94ff0847e1104c60ef23bcc9737f18
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
525d6689e3fef59b843528bdd8359592a1f97fdfeb812de3436128304bdcd443
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
x86_64:
d573ee363b21f7794e2f7a804cbcd4911506ab8cefb8a16411dc172151902a77
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
d35d1323fe933b04e12fb1388075446482e3dcd1a2032525fb2871f1e3e5713e
java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
901d6722670331994178433a77b54170ceacfa1a61043b220ea7a9d96033371e
java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
014bf1f06c25667035c74b41ddd24184edf5a7a56aa531cd502cec65f52a7415
java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
c48dfb1146b2ff3d5d31b149b24844f18505d06784a2d881773d634b26caa551
java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
Source:
524e1160f7a2dc48ca66ae197fa48484a529daee6f4250e98b4d15993fb190ef
java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2012:1222 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1222.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
7437228e7156444c66d7b294837461204fb6303d331c17c4237af90a90f8bcb0
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
07dc1e991473ae1da5d1c033d25c2216f7fa7814709c4f58810215387f218f9f
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
e2f87b2b5a96be0f99c1688d5c7099a7843598a66126ddf137563e3a01da4eb7
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
4a68635e06caaa6787309d7d309f3e65af129bf5e095def18a3e38fdd629c544
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
9d4c16dbc547af1b18068240e5ddfe7480cbe04369ec72501277fc06530b89a2
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
x86_64:
ee32cf42ce06d2b5d2419769f318cf9cbdf1fdbe8bbb2c97f9f717c8b811411a
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
0581f1db2864f8c5ea8c3965313cd328eaacf4634af6675e3b3f0ab7d6f3c03a
java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
1d728ea74749e7e63460eeaf3bf1d230d3bd1a2b3b2fc73c5e60b9b4292290fc
java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
019dc8e8dc0401516de68ecaaed0696ed64c4030b3f4dc4ccdde7a22102b45cb
java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
7219714f7a3149afc32e59a38e2c99cf917e1dc96051b197f1fb582c50d5e5a2
java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
Source:
ac255c4302ac6887872278bbc4bb9064e4bd267beccc5e2729fc62414b21c3e3
java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
Posljednje sigurnosne preporuke