java-1.7.0-openjdk-1.7.0.65-2.5.1.2.AXS4
エラータID: AXSA:2014-453:03
Release date:
Thursday, July 17, 2014 - 10:43
Subject:
java-1.7.0-openjdk-1.7.0.65-2.5.1.2.AXS4
Affected Channels:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
The OpenJDK runtime environment.
Security issues fixed with this release:
CVE-2014-2483
CVE-2014-2490
CVE-2014-4209
CVE-2014-4216
CVE-2014-4218
CVE-2014-4219
CVE-2014-4221
CVE-2014-4223
CVE-2014-4244
CVE-2014-4252
CVE-2014-4262
CVE-2014-4263
CVE-2014-4266
all of issues are,
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
see links.
Solution:
update packages.
CVEs:
CVE-2014-2483
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."
CVE-2014-2490
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2014-4209
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
CVE-2014-4216
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2014-4218
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.
CVE-2014-4219
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2014-4221
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
CVE-2014-4223
Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.
Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.
CVE-2014-4244
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
CVE-2014-4252
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
CVE-2014-4262
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CVE-2014-4263
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
CVE-2014-4266
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.
Additional Info:
N/A
Download:
SRPMS
- java-1.7.0-openjdk-1.7.0.65-2.5.1.2.AXS4.src.rpm
MD5: 785605eb2a9c626c6b397f418f9a13ae
SHA-256: f3ecd4fa3d1f7f6b60b04148266a5b3259915d455d594e31ec2d18b6425c630e
Size: 38.41 MB
Asianux Server 4 for x86
- java-1.7.0-openjdk-1.7.0.65-2.5.1.2.AXS4.i686.rpm
MD5: ab16020bb308ac6d0614caae4b400425
SHA-256: 0436dc3fc60977eaccbd907daf56355fc97d510d08296e1e4fe17c2794e9e2d0
Size: 27.00 MB - java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.AXS4.i686.rpm
MD5: dee71f918fb66b23d21c2da38bf39201
SHA-256: 529de5f03241584d8fdb40a9ec0065ac2b615fac6417173c63dff780b8df72cc
Size: 9.41 MB
Asianux Server 4 for x86_64
- java-1.7.0-openjdk-1.7.0.65-2.5.1.2.AXS4.x86_64.rpm
MD5: b8cdb157238aa3103d74eedd6b157de0
SHA-256: cd46df7c9f6531a6d7f3ed21c681b84369d736275592921bb6c3ab2e366fbb3d
Size: 25.81 MB - java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.AXS4.x86_64.rpm
MD5: 67dd73a4d62c6ea1ef2807cd71761e6e
SHA-256: d48fc83c0cc4083ea19af2215d4130b8df0b6d32154b1491aecb706517a2648c
Size: 9.41 MB
日本語