Fedora 16 : java-1.6.0-openjdk-1.6.0.0-71.1.11.6.fc16 (2013-2197)

high Nessus Plugin ID 64548

Synopsis

The remote Fedora host is missing a security update.

Description

This is a rebuild of java-1.6.0-openjdk-1.6.0.0-69.1.11.6.fc16 with 7201064 removed and 8005615 added, so:

- kept rewritten java-1.6.0-openjdk-java-access-bridgesecurity.patch
- kept icedtea6 1.11.6

Security fixes:

- S8005615, fix for S6664509
- S6563318, CVE-2013-0424: RMI data sanitization
- S6664509, CVE-2013-0425: Add logging context
- S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time
- S6776941: CVE-2013-0427: Improve thread pool shutdown
- S7141694, CVE-2013-0429: Improving CORBA internals
- S7173145: Improve in-memory representation of splashscreens
- S7186945: Unpack200 improvement
- S7186946: Refine unpacker resource usage
- S7186948: Improve Swing data validation
- S7186952, CVE-2013-0432: Improve clipboard access
- S7186954: Improve connection performance
- S7186957: Improve Pack200 data validation
- S7192392, CVE-2013-0443: Better validation of client keys
- S7192393, CVE-2013-0440: Better Checking of order of TLS Messages
- S7192977, CVE-2013-0442: Issue in toolkit thread
- S7197546, CVE-2013-0428: (proxy) Reflect about creating reflective proxies
- S7200491: Tighten up JTable layout code
- S7200500: Launcher better input validation
- S7201066, CVE-2013-0441: Change modifiers on unused fields
- S7201068, CVE-2013-0435: Better handling of UI elements
- S7201070: Serialization to conform to protocol
- S7201071, CVE-2013-0433: InetSocketAddress serialization issue
- S8000210: Improve JarFile code quality
- S8000537, CVE-2013-0450: Contextualize RequiredModelMBean class
- S8000540, CVE-2013-1475: Improve IIOP type reuse management
- S8000631, CVE-2013-1476: Restrict access to class constructor
- S8001235, CVE-2013-0434: Improve JAXP HTTP handling
- S8001242: Improve RMI HTTP conformance
- S8001307: Modify ACC_SUPER behavior
- S8001972, CVE-2013-1478: Improve image processing
- S8002325, CVE-2013-1480: Improve management of images

Backports:

- S7010849: 5/5 Extraneous javac source/target options when building sa-jdi

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected java-1.6.0-openjdk package.

See Also

http://www.nessus.org/u?84699316

Plugin Details

Severity: High

ID: 64548

File Name: fedora_2013-2197.nasl

Version: 1.7

Type: local

Agent: unix

Published: 2/11/2013

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk, cpe:/o:fedoraproject:fedora:16

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2/9/2013

Reference Information

FEDORA: 2013-2197