java-1.8.0-openjdk-1.8.0.91-0.b14.AXS4
エラータID: AXSA:2016-213:03
リリース日:
2016/04/21 Thursday - 09:38
題名:
java-1.8.0-openjdk-1.8.0.91-0.b14.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Oracle Java SE には,Serialization に関連する要因によって,リモートの
攻撃者が機密性,完全性,可用性に影響を与える脆弱性があります。(CVE-
2016-0686)
- Oracle Java SE には,Hotspot サブコンポーネントに関連する要因によっ
て,リモートの攻撃者が機密性,完全性,可用性に影響を与える詳細不明な
脆弱性があります。(CVE-2016-0687)
- Oracle Java SE には,Security に関連する要因によって,リモートの攻撃
者が機密性に影響を与える詳細不明な脆弱性があります。(CVE-2016-0695)
- Oracle Java SE には,JAXP に関連する要因によって,リモートの攻撃者が可
用性に影響を与える詳細不明な脆弱性があります。(CVE-2016-3425)
- Oracle Java SE には,JCE に関連する要因によって,リモートの攻撃者が機
密性に影響を与える詳細不明な脆弱性があります。(CVE-2016-3426)
- Oracle Java SE には,JMX に関連する要因によって,リモートの攻撃者が
機密性,完全性,可用性に影響を与える詳細不明な脆弱性があります。(CVE-
2016-3427)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-0686
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
CVE-2016-0687
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
CVE-2016-0695
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
CVE-2016-3425
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
CVE-2016-3426
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.
CVE-2016-3427
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
追加情報:
N/A
ダウンロード:
SRPMS
- java-1.8.0-openjdk-1.8.0.91-0.b14.AXS4.src.rpm
MD5: adb3dd4f899ff87e2307509a8986f634
SHA-256: faaba5b1807184f1d76b95b44d21d6e3512a3a93c0e0d0f61e5493ad1a416245
Size: 52.46 MB
Asianux Server 4 for x86
- java-1.8.0-openjdk-1.8.0.91-0.b14.AXS4.i686.rpm
MD5: 3aeb96a4124109af3477199011e67583
SHA-256: 8c3f83fe591ea46e97515fccbf9a3867fe00df597f78627bb708e9de6753f377
Size: 176.45 kB - java-1.8.0-openjdk-devel-1.8.0.91-0.b14.AXS4.i686.rpm
MD5: 7e642fd99ca98b14793c30862a631446
SHA-256: a528b5face8f9eac0ff67f2418a0adf69c4003579c5064bbfed2ea263339e1d9
Size: 10.03 MB - java-1.8.0-openjdk-headless-1.8.0.91-0.b14.AXS4.i686.rpm
MD5: 4292b241e505ab8bae13f8d22b32ed36
SHA-256: 73125972190e88e14658ea31c448450b8a4e9977bd1493744df0d8dce1c7600f
Size: 31.07 MB
Asianux Server 4 for x86_64
- java-1.8.0-openjdk-1.8.0.91-0.b14.AXS4.x86_64.rpm
MD5: bdc3db2320586867cf7016bd585685d3
SHA-256: f584bf818b3fe36be0974b965cc5e78846fb32b56a0ed311fd0599042af73966
Size: 190.44 kB - java-1.8.0-openjdk-devel-1.8.0.91-0.b14.AXS4.x86_64.rpm
MD5: 308848d697ce822ec59de82823e1f95e
SHA-256: 611b70954ffd988f9d79ca6bcd068a06a79194498d2a36943258766d0b0d78fb
Size: 10.03 MB - java-1.8.0-openjdk-headless-1.8.0.91-0.b14.AXS4.x86_64.rpm
MD5: 273bd978037cf761c1a4b3057985e569
SHA-256: 369accb9262860d6d3f73ffb21108fc20f7d68c0d90f08da47006255bad12743
Size: 31.72 MB
English