Bug#: 190686
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Matt Fleming (RETIRED) <mjf@gentoo.org>

Description:   Opened: 2007-08-29 18:56 0000
Some vulnerabilities have been reported in JRockit, which can be
exploited by malicious people to bypass certain security
restrictions, conduct cross-site scripting attacks, to cause a DoS
(Denial of Service), or to compromise a vulnerable system.

1) An integer overflow error within the parser for embedded ICC
profiles of JPG and BMP images can be exploited to cause a DoS or to
potentially execute arbitrary code.

For more information see vulnerability #1 in:
SA25295

2) An error within the BMP file parser can be exploited to cause a
DoS.

For more information see vulnerability #2 in:
SA25295

3) An error when generating HTML documentation pages with JavaDoc can
potentially be exploited to conduct cross-site scripting attacks.

For more information:
SA25769

4) An error when processing SSL/TLS handshake requests can be
exploited to cause a DoS.

For more information see vulnerability #1:
SA26015

5) An error within the Java Runtime Environment Applet Class Loader
can be exploited to establish restricted network connections to
certain services running on the local host.

For more information see vulnerability #2:
SA26015

6) An error when processing XSLT stylesheets contained in XSLT
Transforms in XML signatures can be exploited to execute arbitrary
code.

For more information:
SA26031

7) An unspecified error in the parsing of fonts contained in Java
applets can be exploited to read and write local files, or to execute
local applications.

For more information:
SA26402

The vulnerabilities affect BEA JRockit versions R27.3.1 and prior,
and BEA JRockit versions 7.0 SP6 and prior.

SOLUTION:
Apply patches (see vendor advisories for details).

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
4) http://dev2dev.bea.com/pub/advisory/249
1,2,3,5,6,7) http://dev2dev.bea.com/pub/advisory/248

------- Comment #1 From Matt Fleming (RETIRED) 2007-08-29 18:59:27 0000 -------
CC'ing maintainers and setting whiteboard status.

------- Comment #2 From Vlastimil Babka (Caster) 2007-08-31 13:27:32 0000 -------
Thanks for the info. Would never find it by my occasional looking at the
download pages, they released it in a nonstandard way, hm.

Added, had to make up the _p1 suffix to distinguish it, which upstream didn't.

Arches please stabilize:
1.4.2.14_p1 (x86+ia64 only)
1.5.0.11_p1 (all)

------- Comment #3 From Chris Gianelloni (RETIRED) 2007-08-31 17:43:44 0000 -------
My weblogic likes it on amd64, so I like it... amd64 stable...

------- Comment #4 From Christian Faulhammer 2007-09-01 08:37:31 0000 -------
x86 stable

------- Comment #5 From Raúl Porcel 2007-09-01 10:27:10 0000 -------
ia64 stable

------- Comment #6 From Pierre-Yves Rofes 2007-09-08 12:15:44 0000 -------
B2 so no need for a vote. glsa request filed.

------- Comment #7 From Raphael Marichez 2007-09-23 22:33:41 0000 -------
it's GLSA 200709-15, s'ry for the delay

------- Comment #8 From Vlastimil Babka (Caster) 2007-09-24 18:34:04 0000 -------
Just wondering why you didn't cover both slots as usual and glsa recommends
only >=1.5.0.11_p1 ?
