java-1.8.0-openjdk-1.8.0.101-3.b13.el7

エラータID: AXSA:2016-571:05

Release date: 
Wednesday, July 20, 2016 - 20:41
Subject: 
java-1.8.0-openjdk-1.8.0.101-3.b13.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The OpenJDK runtime environment.

Security issues fixed with this release:

CVE-2016-3458
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3500
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3508
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3550
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3587
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3598
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3606
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3610
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2016-3458
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
CVE-2016-3500
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
CVE-2016-3508
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
CVE-2016-3550
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
CVE-2016-3587
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
CVE-2016-3598
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.
CVE-2016-3606
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
CVE-2016-3610
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.
Additional Info: 

N/A

Download: 

SRPMS
  1. java-1.8.0-openjdk-1.8.0.101-3.b13.el7.src.rpm
    MD5: 94c181e8acb15a59a56c54920457eb52
    SHA-256: 08bccb394666ba808ee206f89b8901f2c63bd0f5f7d5f8cc2c52fbd31397de7a
    Size: 52.52 MB

Asianux Server 7 for x86_64
  1. java-1.8.0-openjdk-1.8.0.101-3.b13.el7.x86_64.rpm
    MD5: 1f9d64b97009235793f3fea6b9fe7cc7
    SHA-256: ec032600cd526799dfbde9f2fb532e2a89f8f7b972cee71d0fd022b28189a22c
    Size: 220.00 kB
  2. java-1.8.0-openjdk-debug-1.8.0.101-3.b13.el7.x86_64.rpm
    MD5: f1a6138d5c59f5d55b8e76f638444db7
    SHA-256: 54dd34f3c0de46959723b33335950c00264392c7c8f7c5dc8f7e8f4a6dae4790
    Size: 224.36 kB
  3. java-1.8.0-openjdk-devel-1.8.0.101-3.b13.el7.x86_64.rpm
    MD5: 265b963ec25e702a78164b63c022c515
    SHA-256: 3fd6bead0a7698c29f1b1271c99d58333193b580a905ad49c7ab7d931cf95c96
    Size: 9.65 MB
  4. java-1.8.0-openjdk-headless-1.8.0.101-3.b13.el7.x86_64.rpm
    MD5: ddcb89f1c93b6da0de5b8354c6af8445
    SHA-256: 2486feb4dc3d87db38210c0fdcc496e5e36b37c46a3b34b79ead764e23f4f24c
    Size: 31.28 MB
  5. java-1.8.0-openjdk-headless-debug-1.8.0.101-3.b13.el7.x86_64.rpm
    MD5: dadceb0d5dd692963ed666f6cdbbbb89
    SHA-256: a6a43a9a1bd89cb9e5156b13d5da5fa909010d4d1162ecd016f229fa2d329629
    Size: 32.23 MB