java-1.7.0-openjdk-1.7.0.101-2.6.6.1.0.1.el7.AXS7

エラータID: AXSA:2016-216:02

Release date: 
Monday, April 25, 2016 - 16:53
Subject: 
java-1.7.0-openjdk-1.7.0.101-2.6.6.1.0.1.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The OpenJDK runtime environment.

Security issues fixed with this release:

CVE-2016-0686
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-0687
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-0695
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3425
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3427
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2016-0686
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
CVE-2016-0687
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
CVE-2016-0695
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
CVE-2016-3425
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
CVE-2016-3427
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Additional Info: 

N/A

Download: 

SRPMS
  1. java-1.7.0-openjdk-1.7.0.101-2.6.6.1.0.1.el7.AXS7.src.rpm
    MD5: 39ded91cc7abc678ec08aa3687bb2be8
    SHA-256: 71e181c2e3e83eb35e68938ac34cce94cad1baee28cccf47ab8726d7a2b6f110
    Size: 38.92 MB

Asianux Server 7 for x86_64
  1. java-1.7.0-openjdk-1.7.0.101-2.6.6.1.0.1.el7.AXS7.x86_64.rpm
    MD5: c361c3b2127f0cd000f5dcac70e1de79
    SHA-256: cbfed757f3cb5a4ace237980ec0a7c16db99aa8b5d93b52eb1de2275f7950a46
    Size: 207.93 kB
  2. java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.0.1.el7.AXS7.x86_64.rpm
    MD5: 5241f6186d392f7b37c66ea328316b90
    SHA-256: 0ce65ae44ac341439e5a15556ce27183d24f1f123184ec0e211314aec09bab27
    Size: 9.12 MB
  3. java-1.7.0-openjdk-headless-1.7.0.101-2.6.6.1.0.1.el7.AXS7.x86_64.rpm
    MD5: 65fb0f3ec9c235a9476b75413c47eedf
    SHA-256: cbb5b9f0f9a748b28e795124d6b2c80b3b2ddf8f9b4e74e550ab641be9ae1f22
    Size: 25.26 MB