Security packages for Java posted for testing at
ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/i386/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/x86_64/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/
Next week these packages will be officially released. This delay is to
allow you time to test and verify your production applications will run
as expected once this security update is applied.
If you do not want this security update please consult your site's local
security policy to determine how you should proceed. Scientific Linux
will automatically feature this update next week.
The update advisory is posted below:
Synopsis: Critical: java-1.6.0-sun security update
Issue Date: 2012-02-16
CVE Numbers: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035
CVE-2012-0498 CVE-2012-0499 CVE-2012-0500
CVE-2012-0501 CVE-2012-0502 CVE-2012-0503
CVE-2012-0505 CVE-2012-0506
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment
and the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE
Critical Patch page. (CVE-2011-3563, CVE-2011-3571, CVE-2011-5035,
CVE-2012-0498, CVE-2012-0499, CVE-2012-0500,CVE-2012-0501,
CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506)
