Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. These
vulnerabilities are summarized on the 'Advance notification of
Security Updates for Java SE' page from Sun Microsystems, listed in
the References section.

All running instances of Sun Java must be restarted for the update to
take effect.

Note: jdk-1.6.0_13-fcs.x86_64.rpm could not be signed. All other rpm's
are signed with the usual signature.

See also :

http://www.nessus.org/u?0403b28c

Solution :

Update the affected java-1.6.0-sun-compat and / or jdk packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)