java-1.6.0-openjdk-1.6.0.33-1.13.5.0.AXS4
エラータID: AXSA:2014-605:05
リリース日:
2014/10/20 Monday - 15:32
題名:
java-1.6.0-openjdk-1.6.0.33-1.13.5.0.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Oracle Java には,JSSE に関連する要因によって,リモートの攻撃者が機密性,整合性に影響を与える詳細不明の脆弱性があります。(CVE-2014-6457)
- Oracle Java には,Libraries に関連する要因によって,リモートの攻撃者が整合性に影響を与える詳細不明の脆弱性があります。(CVE-2014-6502)
- Oracle Java には,HotSpot に関連する要因によって,リモートの攻撃者が機密性に影響を与える詳細不明の脆弱性があります。(CVE-2014-6504)
- Oracle の Java には,Libraries に関連する要因によって,リモートの攻撃者が機密性,整合性,可用性に影響を与える詳細不明の脆弱性があります。 (CVE-2014-6506)
- Oracle Java には,2D に関連する要因によって,リモートの攻撃者が機密性に影響を与える詳細不明の脆弱性が存在します。 (CVE-2014-6511)
- Oracle Java には,JAXP に関連する要因によって,リモートの攻撃者が機密性に影響を与える詳細不明の脆弱性があります。(CVE-2014-6517)
- Oracle Java には,Hotspot に関連する要因によって,リモートの攻撃者が整合性に影響を与える詳細不明の脆弱性があります。(CVE-2014-6519)
- Oracle Java には,Libraries に関連する要因によって,リモートの攻撃者が機密性に影響を与える詳細不明の脆弱性があります。(CVE-2014-6531)
- Oracle Java には,Security に関連する要因によって,リモートの攻撃者が機密性に影響を与える詳細不明の脆弱性があります。 (CVE-2014-6558)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2014-6457
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
CVE-2014-6502
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries.
CVE-2014-6504
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot.
CVE-2014-6506
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CVE-2014-6511
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
CVE-2014-6512
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.
CVE-2014-6517
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
CVE-2014-6519
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.
CVE-2014-6531
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
CVE-2014-6558
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.
追加情報:
N/A
ダウンロード:
SRPMS
- java-1.6.0-openjdk-1.6.0.33-1.13.5.0.AXS4.src.rpm
MD5: 26d905990a82e392b4435ed28ab99432
SHA-256: ddafcc4cbf04f26ce18cfd4c5a36471002595bd5dac371e99506ba8dd683d463
Size: 35.95 MB
Asianux Server 4 for x86
- java-1.6.0-openjdk-1.6.0.33-1.13.5.0.AXS4.i686.rpm
MD5: f6268d27e0daa768341c1b179993433e
SHA-256: 511fdc0424cc1f7000e2ed4b4b92b36965fa5261d9ccfca50eb1bccc06cadc28
Size: 41.95 MB - java-1.6.0-openjdk-devel-1.6.0.33-1.13.5.0.AXS4.i686.rpm
MD5: ce526fdd79d678693252f247c342aaa4
SHA-256: 4c5cbaaf1f209e280bafb76e2d2a9bb61109ba52e594adefc30b8c0f2354a55b
Size: 14.54 MB - java-1.6.0-openjdk-javadoc-1.6.0.33-1.13.5.0.AXS4.i686.rpm
MD5: 7456797d58d55eb34f909eedf3ef36ab
SHA-256: 435bf6efa7cd91aec6bc9727b34268100f31e3b3582f22ee29929dd8000f0f5c
Size: 14.62 MB
Asianux Server 4 for x86_64
- java-1.6.0-openjdk-1.6.0.33-1.13.5.0.AXS4.x86_64.rpm
MD5: a73f071d2253564a68c099d57e0e8a14
SHA-256: c010a8c19ca2277decf66b1dbcada75a4f3d0edd0bb10e404f3701d7d322c701
Size: 41.12 MB - java-1.6.0-openjdk-devel-1.6.0.33-1.13.5.0.AXS4.x86_64.rpm
MD5: 93cc3563b79dc1e0a73ada63cb7635c9
SHA-256: 0caa478d05604b745eddd7c7f7f69820ff453e80b05e272d03f0ed45c76622f8
Size: 14.54 MB - java-1.6.0-openjdk-javadoc-1.6.0.33-1.13.5.0.AXS4.x86_64.rpm
MD5: 4ff43d783d876fc25de506f424076835
SHA-256: d48824a0677cd0d83469cc4874076ef4b0ca2dd1d76bd894e9a11b37c2864ea2
Size: 14.62 MB