Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

openjdk-6, openjdk-7 vulnerabilities

Related Vulnerabilities: CVE-2012-3216   CVE-2012-5069   CVE-2012-5072   CVE-2012-5075   CVE-2012-5077   CVE-2012-5085   CVE-2012-4416   CVE-2012-5071   CVE-2012-1531   CVE-2012-1532   CVE-2012-1533   CVE-2012-3143   CVE-2012-3159   CVE-2012-5068   CVE-2012-5083   CVE-2012-5084   CVE-2012-5086   CVE-2012-5089   CVE-2012-5067   CVE-2012-5070   CVE-2012-5073   CVE-2012-5079   CVE-2012-5074   CVE-2012-5076   CVE-2012-5087   CVE-2012-5088   CVE-2012-5081  

Several security issues were fixed in OpenJDK.

Several information disclosure vulnerabilities were discovered in the OpenJDK JRE. (CVE-2012-3216, CVE-2012-5069, CVE-2012-5072, CVE-2012-5075, CVE-2012-5077, CVE-2012-5085)

Source

26 October 2012

openjdk-6, openjdk-7 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.10
  • Ubuntu 12.04 LTS
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in OpenJDK.

Software Description

  • openjdk-7 - Open Source Java implementation
  • openjdk-6 - Open Source Java implementation

Details

Several information disclosure vulnerabilities were discovered in the OpenJDK JRE. (CVE-2012-3216, CVE-2012-5069, CVE-2012-5072, CVE-2012-5075, CVE-2012-5077, CVE-2012-5085)

Vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2012-4416, CVE-2012-5071)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-5068, CVE-2012-5083, CVE-2012-5084, CVE-2012-5086, CVE-2012-5089)

Information disclosure vulnerabilities were discovered in the OpenJDK JRE. These issues only affected Ubuntu 12.10. (CVE-2012-5067, CVE-2012-5070)

Vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2012-5073, CVE-2012-5079)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. This issue only affected Ubuntu 12.10. (CVE-2012-5074)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. These issues only affected Ubuntu 12.10. (CVE-2012-5076, CVE-2012-5087, CVE-2012-5088)

A denial of service vulnerability was found in OpenJDK. (CVE-2012-5081)

Please see the following for more information: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10
icedtea-7-jre-cacao - 7u9-2.3.3-0ubuntu1~12.10.1
icedtea-7-jre-jamvm - 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre - 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre-headless - 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre-lib - 7u9-2.3.3-0ubuntu1~12.10.1
openjdk-7-jre-zero - 7u9-2.3.3-0ubuntu1~12.10.1
Ubuntu 12.04 LTS
icedtea-6-jre-cacao - 6b24-1.11.5-0ubuntu1~12.04.1
icedtea-6-jre-jamvm - 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre - 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre-headless - 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre-lib - 6b24-1.11.5-0ubuntu1~12.04.1
openjdk-6-jre-zero - 6b24-1.11.5-0ubuntu1~12.04.1
Ubuntu 11.10
icedtea-6-jre-cacao - 6b24-1.11.5-0ubuntu1~11.10.1
icedtea-6-jre-jamvm - 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre - 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre-headless - 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre-lib - 6b24-1.11.5-0ubuntu1~11.10.1
openjdk-6-jre-zero - 6b24-1.11.5-0ubuntu1~11.10.1
Ubuntu 11.04
icedtea-6-jre-cacao - 6b24-1.11.5-0ubuntu1~11.04.1
icedtea-6-jre-jamvm - 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre - 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre-headless - 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre-lib - 6b24-1.11.5-0ubuntu1~11.04.1
openjdk-6-jre-zero - 6b24-1.11.5-0ubuntu1~11.04.1
Ubuntu 10.04 LTS
icedtea-6-jre-cacao - 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre - 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre-headless - 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre-lib - 6b24-1.11.5-0ubuntu1~10.04.2
openjdk-6-jre-zero - 6b24-1.11.5-0ubuntu1~10.04.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started