java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4

エラータID: AXSA:2012-662:03

リリース日: 
2012/08/14 Tuesday - 19:48
題名: 
java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4
影響のあるチャネル: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,リモートの攻撃者が CORBA に関連する機密性,整合性,可用性に影響を与える脆弱性があります。(CVE-2012-1711), (CVE-2012-1719)

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,2D に関連する要因によって,リモートの攻撃者が機密性,整合性,可用性に影響を与える脆弱性があります。(CVE-2012-1713)

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,Swing に関連する要因によって,リモートの攻撃者が機密性,整合性,可用性に影響を与える脆弱性があります。(CVE-2012-1716)

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,Solaris あるいは Linux 上での印刷に関連する要因によって,リモートの攻撃者が機密性,整合性,可用性に影響を与える脆弱性があります。(CVE-2012-1717)

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,セキュリティに関連する要因によって,リモートの攻撃者が可用性に影響を与える脆弱性があります。(CVE-2012-1718)

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,Hotspot に関連する要因によって,リモートの攻撃者が機密性,整合性,可用性に影響を与える脆弱性があります。(CVE-2012-1723)

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,リモートの攻撃者が JAXP に関連する可用性に影響を与える脆弱性があります。(CVE-2012-1724)

- Oracle Java の Java Runtime Environment (JRE) には詳細不明の脆弱性が存在し,Hotspot に関連する要因によって,リモートの攻撃者が機密性,整合性,可用性に影響を与える脆弱性があります。(CVE-2012-1725)

一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2012-1711
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA.
CVE-2012-1713
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CVE-2012-1716
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
CVE-2012-1717
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.
CVE-2012-1718
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
CVE-2012-1719
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.
CVE-2012-1723
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2012-1724
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP.
CVE-2012-1725
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.




追加情報: 

N/A

ダウンロード: 

SRPMS
  1. java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4.src.rpm
    MD5: 5901d45bfe83a6c1fb6fbea7c75515b2
    SHA-256: 3fdd43474fdb5c432ae45b2fc1dfe7365b45546c7151de8e64636aa9686cd052
    Size: 62.13 MB

Asianux Server 4 for x86
  1. java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4.i686.rpm
    MD5: f42c75f091fc2a0f4b1a835a667a5f1c
    SHA-256: 3b13802dde3edb84c486029697fa72a385c73f703527fea06b09121bd40dfe7c
    Size: 26.04 MB
  2. java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.AXS4.i686.rpm
    MD5: b7d9ba3ec041cdf3e3c62cf05f05aa46
    SHA-256: 4fcb7dd097e8743b0cb0d164fa33de15ef584da0eb4278bd80786c3d4b85dc79
    Size: 8.54 MB
  3. java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.AXS4.i686.rpm
    MD5: bfad115f916ddd715a055d6f928f5bda
    SHA-256: 498c34dfb647cf9ece73175a817f4bfe508cd0cd012391b9c64c34bbdceaf455
    Size: 14.37 MB

Asianux Server 4 for x86_64
  1. java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4.x86_64.rpm
    MD5: c1dc303864307c331732e2dac8fed6d3
    SHA-256: af961220245e554914e223a672b6d133465c3e200280423bc81c778d05890e63
    Size: 25.06 MB
  2. java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.AXS4.x86_64.rpm
    MD5: 592ff8c8a35aa2163e09305b689713ea
    SHA-256: 8265a50e45fea4cadaf60a916d637bc1414a73dd86db734dfea9bcf8e1d7261e
    Size: 8.53 MB
  3. java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.AXS4.x86_64.rpm
    MD5: a9f537843e6ee29fb3f63f0d845a52d9
    SHA-256: f95c386c07768edc35210679b5bcf5a5b14a40136c9ea5039a43d1639e018991
    Size: 14.38 MB