Summary: | Sun JRE/JDK <1.6.0.20 java webstart code execution vulnerability (CVE-2010-{0886,0887}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | gnu_andrew, java |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.reversemode.com/index.php?option=com_content&task=view&id=67&Itemid=1 | ||
Whiteboard: | A2 [glsa] | ||
Bug Depends on: | 306579 | ||
Description
Hanno Böck
2010-04-10 15:24:46 UTC
Andrew: you aware? does it apply to icedtea's plugin?

Sun's Web Start implementation was never open-sourced. So it's not part of IcedTea or OpenJDK. To our knowledge, this exploit does not affect the IcedTea plugin. The MIME type given in the exploit is not accepted by the IcedTea plugin and even if VM arguments can reach it, a whitelist of such arguments is used to filter them.

Updating summary. Also it's doubtful if this affects linux even with sun-jdk.

http://java.sun.com/javase/6/webnotes/6u20.html

I can't decide from the list of bugs if this is the fix for this or not. Full descriptions seem to be not public, damnit.

http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html

they say the webstart thing doesn't affect linux, but there's also another bug in the plugin, which does also

6u20 dlj was released: https://jdk-distros.dev.java.net/developer.html

will bump in 3-4 hours unless someone is faster

Sorry, the previous version didn't last long...

Arches, please test and mark stable:

=dev-java/sun-jre-bin-1.6.0.20
=dev-java/sun-jdk-1.6.0.20
Target keywords : "amd64 x86"

=app-emulation/emul-linux-x86-java-1.6.0.20
Target keywords : "amd64"

It looks good to go on the x86 side.

x86 stable

amd64 stable, all arches done.

GLSA together with bug 306579.

CVE-2010-0886 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0886): Unspecified vulnerability in the Java Deployment Toolkit component in Oracle Java SE and Java for Business JDK and JRE 6 Update 10 through 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2010-0887 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0887): Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

GLSA 201006-18