java-1.7.0-openjdk-1.7.0.71-2.5.3.1.AXS4

エラータID: AXSA:2014-593:04

Release date: 
Thursday, October 16, 2014 - 18:41
Subject: 
java-1.7.0-openjdk-1.7.0.71-2.5.3.1.AXS4
Affected Channels: 
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity: 
High
Description: 

Description :
The OpenJDK runtime environment.

Security issues fixed with this release:
CVE-2014-6457
CVE-2014-6502
CVE-2014-6504
CVE-2014-6506
CVE-2014-6511
CVE-2014-6512
CVE-2014-6517
CVE-2014-6519
CVE-2014-6531
CVE-2014-6558

All of issues are;

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Please see below CVE's link for more information.

Solution: 

update package.

CVEs: 
CVE-2014-6457
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
CVE-2014-6502
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries.
CVE-2014-6504
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot.
CVE-2014-6506
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CVE-2014-6511
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
CVE-2014-6512
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.
CVE-2014-6517
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
CVE-2014-6519
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.
CVE-2014-6531
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
CVE-2014-6558
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.


Additional Info: 

N/A

Download: 

SRPMS
  1. java-1.7.0-openjdk-1.7.0.71-2.5.3.1.AXS4.src.rpm
    MD5: 6daa406a10f62fb39893eadb7cb1f17a
    SHA-256: 15013a1990817b88af66c607c1b557f5bcca23ca5ba78adcb964e09f6cee5653
    Size: 38.27 MB

Asianux Server 4 for x86
  1. java-1.7.0-openjdk-1.7.0.71-2.5.3.1.AXS4.i686.rpm
    MD5: 19208d0e6ab582623baa9400d64adfd0
    SHA-256: 933392a45f33082522621777ef83e365873bf94d62c0907fefb612f43c869819
    Size: 27.02 MB
  2. java-1.7.0-openjdk-devel-1.7.0.71-2.5.3.1.AXS4.i686.rpm
    MD5: c8e869f9f8272e3a02fddad4c4f1cc03
    SHA-256: c13d27f0602baed0c1b7b0f4e28f7e6c0ee6290f26fc72e852547a16b2fa89ec
    Size: 9.41 MB

Asianux Server 4 for x86_64
  1. java-1.7.0-openjdk-1.7.0.71-2.5.3.1.AXS4.x86_64.rpm
    MD5: c361aad0e48996dd661237dcba7b5b75
    SHA-256: 021b524fdf4c71bcf19b13b774770587258db9dfa6cc0ab0af9c268230cf63bc
    Size: 25.83 MB
  2. java-1.7.0-openjdk-devel-1.7.0.71-2.5.3.1.AXS4.x86_64.rpm
    MD5: 385d34139ae4d0a8cf75e857ced2e9cf
    SHA-256: abe0ca69d3be527a1d98c44f848ea2c6b91fc94bf714937457c006d94c4c0f54
    Size: 9.42 MB