Summary: | dev-java/sun-jdk, sun-jre-bin, app-emulation/emul-linux-x86-java <1.6.0.26: Multiple vulnerabilities (CVE-2011-{0802,0814,0815,0862,0863,0864,0865,0867,0868,0869,0871,0872,0873}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexanderyt, java |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 215614, 370787, 377623 |
Description
Tim Sammut (RETIRED)
2011-06-07 20:35:16 UTC
Please stabilize dev-java/sun-jdk-1.6.0.26 dev-java/sun-jre-bin-1.6.0.26 (amd64 only) app-emulation/emul-linux-x86-java-1.6.0.26 amd64 ok x86 stable amd64 done. Thanks Agostino Thanks, everyone. Added to existing GLSA request. CVE-2011-0873 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, and 5.0 Update 29 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2011-0872 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO. CVE-2011-0871 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. CVE-2011-0869 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ. CVE-2011-0868 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D. CVE-2011-0867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. CVE-2011-0865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization. CVE-2011-0864 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. CVE-2011-0863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2011-0862 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862): Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2011-0815 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to AWT. CVE-2011-0814 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802. CVE-2011-0802 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0814. This issue was resolved and addressed in GLSA 201111-02 at http://security.gentoo.org/glsa/glsa-201111-02.xml by GLSA coordinator Alex Legler (a3li). This issue was resolved and addressed in GLSA 201111-02 at http://security.gentoo.org/glsa/glsa-201111-02.xml by GLSA coordinator Alex Legler (a3li). |