Sheeps! On 5 Dec 2011, at 19:28, Florian Weimer <f...@deneb.enyo.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------- > Debian Security Advisory DSA-2358-1 secur...@debian.org > http://www.debian.org/security/ > December 05, 2011 http://www.debian.org/security/faq > - ------------------------------------------------------------------------- > > Package : openjdk-6 > Vulnerability : several > Problem type : remote > Debian-specific: no > CVE ID : CVE-2011-0862 CVE-2011-0864 CVE-2011-0865 CVE-2011-0867 > CVE-2011-0868 CVE-2011-0869 CVE-2011-0871 CVE-2011-3389 CVE-2011-3521 > CVE-2011-3544 CVE-2011-3547 CVE-2011-3548 CVE-2011-3551 CVE-2011-3552 > CVE-2011-3553 CVE-2011-3554 CVE-2011-3556 CVE-2011-3557 CVE-2011-3560 > > Several vulnerabilities have been discovered in OpenJDK, an > implementation of the Java platform. This combines the two previous > openjdk-6 advisories, DSA-2311-1 and DSA-2356-1. > > CVE-2011-0862 > Integer overflow errors in the JPEG and font parser allow > untrusted code (including applets) to elevate its privileges. > > CVE-2011-0864 > Hotspot, the just-in-time compiler in OpenJDK, mishandled > certain byte code instructions, allowing untrusted code > (including applets) to crash the virtual machine. > > CVE-2011-0865 > A race condition in signed object deserialization could > allow untrusted code to modify signed content, apparently > leaving its signature intact. > > CVE-2011-0867 > Untrusted code (including applets) could access information > about network interfaces which was not intended to be public. > (Note that the interface MAC address is still available to > untrusted code.) > > CVE-2011-0868 > A float-to-long conversion could overflow, , allowing > untrusted code (including applets) to crash the virtual > machine. > > CVE-2011-0869 > Untrusted code (including applets) could intercept HTTP > requests by reconfiguring proxy settings through a SOAP > connection. > > CVE-2011-0871 > Untrusted code (including applets) could elevate its > privileges through the Swing MediaTracker code. > > CVE-2011-3389 > The TLS implementation does not guard properly against certain > chosen-plaintext attacks when block ciphers are used in CBC > mode. > > CVE-2011-3521 > The CORBA implementation contains a deserialization > vulnerability in the IIOP implementation, allowing untrusted > Java code (such as applets) to elevate its privileges. > > CVE-2011-3544 > The Java scripting engine lacks necessary security manager > checks, allowing untrusted Java code (such as applets) to > elevate its privileges. > > CVE-2011-3547 > The skip() method in java.io.InputStream uses a shared buffer, > allowing untrusted Java code (such as applets) to access data > that is skipped by other code. > > CVE-2011-3548 > The java.awt.AWTKeyStroke class contains a flaw which allows > untrusted Java code (such as applets) to elevate its > privileges. > > CVE-2011-3551 > The Java2D C code contains an integer overflow which results > in a heap-based buffer overflow, potentially allowing > untrusted Java code (such as applets) to elevate its > privileges. > > CVE-2011-3552 > Malicous Java code can use up an excessive amount of UDP > ports, leading to a denial of service. > > CVE-2011-3553 > JAX-WS enables stack traces for certain server responses by > default, potentially leaking sensitive information. > > CVE-2011-3554 > JAR files in pack200 format are not properly checked for > errors, potentially leading to arbitrary code execution when > unpacking crafted pack200 files. > > CVE-2011-3556 > The RMI Registry server lacks access restrictions on certain > methods, allowing a remote client to execute arbitary code. > > CVE-2011-3557 > The RMI Registry server fails to properly restrict privileges > of untrusted Java code, allowing RMI clients to elevate their > privileges on the RMI Registry server. > > CVE-2011-3560 > The com.sun.net.ssl.HttpsURLConnection class does not perform > proper security manager checks in the setSSLSocketFactory() > method, allowing untrusted Java code to bypass security policy > restrictions. > > For the oldstable distribution (lenny), these problems have been fixed > in version 6b18-1.8.10-0~lenny1. > > We recommend that you upgrade your openjdk-6 packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: http://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iQEcBAEBAgAGBQJO3RnzAAoJEL97/wQC1SS+zXQH/0Pi6nBlmJGO1Kee2vWJ6i8S > yomxE3+neJRnm74MG6jto+PkEpoH7hBot5tAT4r5GnNjXKJJJGV+Qb3zLKuKnLWp > Yr8z8AnxHJNOO4Fs99vP0ocKF+Modr/rtGx8rziJ4uDjpc/GtPzUrfbKC4wYuWtD > iX1Pnx/AL7/IVsOuOqoRKvwqWb5hoCSHZfLvepCu4ClaRa2Im3Zd8GzRXjj1l3l8 > hQIjuLsIOjWv0uK+fTlbibOubBi+CrRdHY9mPrgergDuCmR0ZN+pcMhwHFtfgdj+ > KBvHIBVk5l3PY9KhrGkHsv6fsPNHKlo2o2QAjQ3Klw+fQsATwU5LmzRpAH38v0E= > =4MRP > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: http://lists.debian.org/87pqg2q0po....@mid.deneb.enyo.de > -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/-4488950595965921788@unknownmsgid