java-1.6.0-openjdk-1.6.0.0-6.1.13.4.AXS4

エラータID: AXSA:2014-460:03

Release date: 
Wednesday, July 23, 2014 - 13:22
Subject: 
java-1.6.0-openjdk-1.6.0.0-6.1.13.4.AXS4
Affected Channels: 
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity: 
High
Description: 

Description :
The OpenJDK runtime environment.

Security issues fixed with this release:

CVE-2014-2490
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2014-4209
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.

CVE-2014-4216
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2014-4218
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVE-2014-4219
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2014-4244
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

CVE-2014-4252
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.

CVE-2014-4262
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVE-2014-4263
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."

CVE-2014-4266
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.

fixed bugs;
* Previosuly, an application accessing an unsynchronized HashMap
could potentially enter an infinite loop and consume an excessive amount of
CPU resources. With this update, fixed it.

Solution: 

update packages.

CVEs: 
CVE-2014-2490
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2014-4209
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
CVE-2014-4216
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2014-4218
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.
CVE-2014-4219
Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2014-4244
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
CVE-2014-4252
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
CVE-2014-4262
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CVE-2014-4263
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
CVE-2014-4266
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.


Additional Info: 

N/A

Download: 

SRPMS
  1. java-1.6.0-openjdk-1.6.0.0-6.1.13.4.AXS4.src.rpm
    MD5: 06e4e36e2a9efe91b3d9ef6c1f8ae63d
    SHA-256: 9a33f0f4a0e570c05b82b00ddaf6d01c7f9ac27b1031b3a0ab3d705ef2c46036
    Size: 56.56 MB

Asianux Server 4 for x86
  1. java-1.6.0-openjdk-1.6.0.0-6.1.13.4.AXS4.i686.rpm
    MD5: b772ee05ad36ea057bdeaf71a567840d
    SHA-256: 6596862a8795c1892f99ddcd7c5321fbd3fe8134b72608b2c3a441200b08bdf9
    Size: 41.92 MB
  2. java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.AXS4.i686.rpm
    MD5: c0f682f740711b47b19562fa36a82f40
    SHA-256: 61a413069aa16e2bea41a1251b335e1d9abf74b5c68f45125f2678b5ad4cb775
    Size: 14.54 MB
  3. java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.AXS4.i686.rpm
    MD5: d2c4495469de43e0d5fdb18fffaf6116
    SHA-256: 359a6c2e7dca5b6e02c44abdc3e875808da43effe441956ce4f42e900f35537c
    Size: 14.62 MB

Asianux Server 4 for x86_64
  1. java-1.6.0-openjdk-1.6.0.0-6.1.13.4.AXS4.x86_64.rpm
    MD5: 557429f9cb67678740a24d68f658e535
    SHA-256: f23f609d09ef7608f5e8b15fe30d8508f16caaa4b4b98bf6aeed3be6ad3049aa
    Size: 41.09 MB
  2. java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.AXS4.x86_64.rpm
    MD5: ef10195d4e3b7ac14cbf4af9c9a55c72
    SHA-256: 85a77d8cf601f6f7f67b5204a381598bb4aa6c9bc5e7b9a2b39f2916ee54259f
    Size: 14.53 MB
  3. java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.AXS4.x86_64.rpm
    MD5: de340b200386a01673980231b77ef546
    SHA-256: ad75ccbbc1036bdeed86db3a52ffd7cb4f0967cbdac29376fd455d0bebb972e7
    Size: 14.62 MB