Fedora 12 : java-1.6.0-openjdk-1.6.0.0-40.b18.fc12 (2010-12758)

high Nessus Plugin ID 48330

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

# S6678385, RH551835: Fixes jvm crashes when window is resized. # Produces the 'expected' behavior for full screen applications, when running the Metacity window manager. # PR453, OJ100142: Fix policy evaluation to match the proprietary JDK. # IcedTeaNPPlugin. * RH524387: javax.net.ssl.SSLKeyException: RSA premaster secret error * Set context classloader for all threads in an applet's threadgroup * PR436: Close all applet threads on exit * PR480: NPPlugin with NoScript extension. * PR488: Question mark changing into underscore in URL. * RH592553: Fix bug causing 100% CPU usage. * Don't generate a random pointer from a pthread_t in the debug output. * Add ForbiddenTargetException for legacy support.

- Use variadic macro for plugin debug message printing. * Don't link the plugin with libxul libraries. * Fix race conditions in plugin initialization code that were causing hangs. * RH506730: BankID (Norwegian common online banking authentication system) applet fails to load. * PR491: pass java_{code,codebase,archive} parameters to Java. * Adds javawebstart.version property and give user permission to read that property. # NetX:
* Fix security flaw in NetX that allows arbitrary unsigned apps to set any java property. * Fix a flaw that allows unsigned code to access any file on the machine (accessible to the user) and write to it. * Make path sanitization consistent; use a blacklisting approach. * Make the SingleInstanceServer thread a daemon thread. * Handle JNLP files which use native libraries but do not indicate it * Allow JNLP classloaders to share native libraries * Added encoding support # PulseAudio: * Eliminate spurious exception throwing. # Zero/Shark: * PR483: Fix miscompilation of sun.misc.Unsafe::getByte. * PR324,PR481: Fix Shark VM crash. * Fix Zero build on Hitachi SH. # SystemTap support: * PR476: Enable building SystemTap support on GCC 4.5.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected java-1.6.0-openjdk package.

See Also

http://www.nessus.org/u?4ffac2d2

Plugin Details

Severity: High

ID: 48330

File Name: fedora_2010-12758.nasl

Version: 1.10

Type: local

Agent: unix

Published: 8/14/2010

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk, cpe:/o:fedoraproject:fedora:12

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 8/13/2010

Reference Information

FEDORA: 2010-12758