java-1.6.0-openjdk-1.6.0.40-1.13.12.5.0.1.el7.AXS7

エラータID: AXSA:2016-644:03

Release date: 
Tuesday, August 30, 2016 - 15:23
Subject: 
java-1.6.0-openjdk-1.6.0.40-1.13.12.5.0.1.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The OpenJDK runtime environment.

Security issues fixed with this release:

CVE-2016-3458
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92;
and Java SE Embedded 8u91 allows remote attackers to affect integrity
via vectors related to CORBA.
CVE-2016-3500
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92;
Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to
affect availability via vectors related to JAXP, a different
vulnerability than CVE-2016-3508.
CVE-2016-3508
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92;
Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to
affect availability via vectors related to JAXP, a different
vulnerability than CVE-2016-3500.
CVE-2016-3550
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and
Java SE Embedded 8u91 allows remote attackers to affect
confidentiality via vectors related to Hotspot.
CVE-2016-3606
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE
Embedded 8u91 allows remote attackers to affect confidentiality,
integrity, and availability via vectors related to Hotspot.

Solution: 

Update packages.

CVEs: 
CVE-2016-3458
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
CVE-2016-3500
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
CVE-2016-3508
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
CVE-2016-3550
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
CVE-2016-3606
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
Additional Info: 

N/A

Download: 

SRPMS
  1. java-1.6.0-openjdk-1.6.0.40-1.13.12.5.0.1.el7.AXS7.src.rpm
    MD5: 30d962e59606d1a01ca4c1e5a36134f6
    SHA-256: c9bf86cd94cd3e639bd14fcabaf7239a315399fc03d17a2ba4347d1496cbd854
    Size: 36.75 MB

Asianux Server 7 for x86_64
  1. java-1.6.0-openjdk-1.6.0.40-1.13.12.5.0.1.el7.AXS7.x86_64.rpm
    MD5: 522b3b4a6b7fa0b9e44be2301cb99aff
    SHA-256: 019d8fd70f146bbea060b8bdc2c614459c2b948808d8f2eaa909d67fe62a0bc4
    Size: 41.85 MB
  2. java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.5.0.1.el7.AXS7.x86_64.rpm
    MD5: 128534b112ee2670f08bd3653fe096ed
    SHA-256: f368aa4267d3968e14bc96cfee0adc67e93a163e7889081e22e5abfebc6399a8
    Size: 14.52 MB