java-1.6.0-openjdk-1.6.0.0-1.50.1.11.5.AXS4
エラータID: AXSA:2012-966:05
以下項目について対処しました。
[Security Fix]
- Oracle Java SE の Java Runtime Environment (JRE) には、ライブラリに関する処理に不備があるため、機密性に影響のある脆弱性が存在します。(CVE-2012-3216)
- Oracle Java SE の Java Runtime Environment (JRE) には、Hotspot に関する処理に不備があるため、機密性および完全性に影響のある脆弱性が存在します。(CVE-2012-4416)
- Oracle Java SE の Java Runtime Environment (JRE) には、ライブラリに関する処理に不備があるため、機密性、完全性、可用性に影響のある脆弱性が存在します。(CVE-2012-5068)
- Oracle Java SE の Java Runtime Environment (JRE) には、Concurrency に関する処理に不備があるため、機密性および完全性に影響のある脆弱性が存在します。(CVE-2012-5069)
- Oracle Java SE の Java Runtime Environment (JRE) には、JMX に関する処理に不備があるため、機密性および完全性に影響のある脆弱性が存在します。(CVE-2012-5071)
- Oracle Java SE の Java Runtime Environment (JRE) には、Security に関する処理に不備があるため、機密性に影響のある脆弱性が存在します。(CVE-2012-5072)
- Oracle Java SE の Java Runtime Environment (JRE) には、ライブラリに関する処理に不備があるため、完全性に影響のある脆弱性が存在します。(CVE-2012-5073)
- Oracle Java SE の Java Runtime Environment (JRE) には、JMX に関する処理に不備があるため、機密性に影響のある脆弱性が存在します。(CVE-2012-5075)
- Oracle Java SE の Java Runtime Environment (JRE) には、Security に関する処理に不備があるため、機密性に影響のある脆弱性が存在します。(CVE-2012-5077)
- Oracle Java SE の Java Runtime Environment (JRE) には、ライブラリに関する処理に不備があるため、完全性に影響のある脆弱性が存在します。(CVE-2012-5079)
- Oracle Java SE の Java Runtime Environment (JRE) には、JSSE に関する処理に不備があるため、可用性に影響のある脆弱性が存在します。(CVE-2012-5081)
- Oracle Java SE の Java Runtime Environment (JRE) には、Swing に関する処理に不備があるため、機密性、完全性、可用性に影響のある脆弱性が存在します。(CVE-2012-5084)
- Oracle Java SE の Java Runtime Environment (JRE) には、Networking に関する処理に不備があるため、不特定の影響を受ける脆弱性が存在します。(CVE-2012-5085)
- Oracle Java SE の Java Runtime Environment (JRE) には、Beans に関する処理に不備があるため、機密性、完全性、可用性に影響のある脆弱性が存在します。(CVE-2012-5086)
- Oracle Java SE の Java Runtime Environment (JRE) には、JMX に関する処理に不備があるため、機密性、完全性、可用性に影響のある脆弱性が存在します。(CVE-2012-5089)
一部 CVE の翻訳文は JVN からの引用になります。
http://jvndb.jvn.jp/
パッケージをアップデートしてください。
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5079.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-3143.
N/A
SRPMS
- java-1.6.0-openjdk-1.6.0.0-1.50.1.11.5.AXS4.src.rpm
MD5: 89bc037a077861e0b35ac0e4e776dbbd
SHA-256: 8ae09501f68af41c724c60cfab111c7dacd9a674205bfd18d3bc3dabe06d7498
Size: 62.13 MB
Asianux Server 4 for x86
- java-1.6.0-openjdk-1.6.0.0-1.50.1.11.5.AXS4.i686.rpm
MD5: ddf68c1ef2c6c0ae67ded32cfd64c977
SHA-256: b7a5572b78d1484ec489a1abaaee4cd6661e452c5e9fc5ce21c96ce1d88b46d1
Size: 26.05 MB - java-1.6.0-openjdk-devel-1.6.0.0-1.50.1.11.5.AXS4.i686.rpm
MD5: ec947e38286ca0686658b7fb5643af3d
SHA-256: 65f078f2ac579bd144a4c0eeec896aaf6e2b27a2f44c4143968a3d11659b2220
Size: 8.55 MB - java-1.6.0-openjdk-javadoc-1.6.0.0-1.50.1.11.5.AXS4.i686.rpm
MD5: 92ea50247cc79d5213819bd42d8a1d6e
SHA-256: c3d7de959ca62b884f8719daba3006a397b9297a787c4f818fbb45bc7458b1a0
Size: 14.37 MB
Asianux Server 4 for x86_64
- java-1.6.0-openjdk-1.6.0.0-1.50.1.11.5.AXS4.x86_64.rpm
MD5: 96392d7e8ccd470f208a16da7185bbce
SHA-256: 5d42acd5ed7f3a50018c9d57ebd1eba55d45f947c1cb507f174a97e2a12341f9
Size: 25.07 MB - java-1.6.0-openjdk-devel-1.6.0.0-1.50.1.11.5.AXS4.x86_64.rpm
MD5: 1370a185b14b0ded6ada7f8cf1265937
SHA-256: d0d9c13c39237de179a02f4580446d63fa18d64e307a0f5a4470c4bddb16b2df
Size: 8.53 MB - java-1.6.0-openjdk-javadoc-1.6.0.0-1.50.1.11.5.AXS4.x86_64.rpm
MD5: f38c450efb4f95bab30a7c4c2abcf02c
SHA-256: ff542c3a6bb7e587e59ebe43de13d1c4584aa993e82d90aced5bf54ddb738bd6
Size: 14.38 MB