Nom du paquet
java-1.7.0-openjdk
Date
2013-04-10
Advisory ID
MDVSA-2013:095
Affected versions
MBS1 x86_64

Problem description

Updated java-1.7.0-openjdk packages fix security vulnerabilities:

Two improper permission check issues were discovered in the reflection
API in OpenJDK. An untrusted Java application or applet could use
these flaws to bypass Java sandbox restrictions (CVE-2012-3174,
CVE-2013-0422).

Multiple improper permission check issues were discovered in the AWT,
CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted
Java application or applet could use these flaws to bypass Java
sandbox restrictions (CVE-2013-0442, CVE-2013-0445, CVE-2013-0441,
CVE-2013-1475, CVE-2013-1476, CVE-2013-0429, CVE-2013-0450,
CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0444).

Multiple flaws were found in the way image parsers in the 2D and AWT
components handled image raster parameters. A specially-crafted image
could cause Java Virtual Machine memory corruption and, possibly,
lead to arbitrary code execution with the virtual machine privileges
(CVE-2013-1478, CVE-2013-1480).

A flaw was found in the AWT component's clipboard handling code. An
untrusted Java application or applet could use this flaw to access
clipboard data, bypassing Java sandbox restrictions (CVE-2013-0432).

The default Java security properties configuration did not restrict
access to certain com.sun.xml.internal packages. An untrusted Java
application or applet could use this flaw to access information,
bypassing certain Java sandbox restrictions. This update lists the
whole package as restricted (CVE-2013-0435).

Multiple improper permission check issues were discovered in the
JMX, Libraries, Networking, and JAXP components. An untrusted Java
application or applet could use these flaws to bypass certain Java
sandbox restrictions (CVE-2013-0431, CVE-2013-0427, CVE-2013-0433,
CVE-2013-0434).

It was discovered that the RMI component's CGIHandler class used
user inputs in error messages without any sanitization. An attacker
could use this flaw to perform a cross-site scripting (XSS) attack
(CVE-2013-0424).

It was discovered that the SSL/TLS implementation in the JSSE component
did not properly enforce handshake message ordering, allowing an
unlimited number of handshake restarts. A remote attacker could use
this flaw to make an SSL/TLS server using JSSE consume an excessive
amount of CPU by continuously restarting the handshake (CVE-2013-0440).

It was discovered that the JSSE component did not properly validate
Diffie-Hellman public keys. An SSL/TLS client could possibly use this
flaw to perform a small subgroup attack (CVE-2013-0443).

Multiple improper permission check issues were discovered in the JMX
and Libraries components in OpenJDK. An untrusted Java application
or applet could use these flaws to bypass Java sandbox restrictions
(CVE-2013-1486, CVE-2013-1484).

An improper permission check issue was discovered in the Libraries
component in OpenJDK. An untrusted Java application or applet could use
this flaw to bypass certain Java sandbox restrictions (CVE-2013-1485).

It was discovered that OpenJDK leaked timing information when
decrypting TLS/SSL protocol encrypted records when CBC-mode cipher
suites were used. A remote attacker could possibly use this flaw to
retrieve plain text from the encrypted packets by using a TLS/SSL
server as a padding oracle (CVE-2013-0169).

An integer overflow flaw was found in the way the 2D component
handled certain sample model instances. A specially-crafted sample
model instance could cause Java Virtual Machine memory corruption
and, possibly, lead to arbitrary code execution with virtual machine
privileges (CVE-2013-0809).

It was discovered that the 2D component did not properly reject certain
malformed images. Specially-crafted raster parameters could cause Java
Virtual Machine memory corruption and, possibly, lead to arbitrary
code execution with virtual machine privileges (CVE-2013-1493).

Updated packages

MBS1 x86_64

 b951d387ee818e0b204cb1a239ac2ae1  mbs1/x86_64/java-1.7.0-openjdk-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm
 00676ff0eefe12d69e0b93ee4f9ac8c4  mbs1/x86_64/java-1.7.0-openjdk-demo-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm
 3733ddb46d4ba9fe639d90271c1113c3  mbs1/x86_64/java-1.7.0-openjdk-devel-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm
 1d47fd14d7fe3a20d81c5cf808e75fe6  mbs1/x86_64/java-1.7.0-openjdk-javadoc-1.7.0.6-2.3.8.1.1.mbs1.noarch.rpm
 baab88a94f04c3c3f0fc322fe2562c9b  mbs1/x86_64/java-1.7.0-openjdk-src-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm 
 d019dda16506ffb609ae8ce66a7cda7c  mbs1/SRPMS/java-1.7.0-openjdk-1.7.0.6-2.3.8.1.1.mbs1.src.rpm

References