Fedora 13 : java-1.6.0-openjdk- (2010-12759)

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.

Synopsis :

The remote Fedora host is missing a security update.

Description :

# S6678385, RH551835: Fixes jvm crashes when window is resized. #
Produces the 'expected' behavior for full screen applications, when
running the Metacity window manager. # PR453, OJ100142: Fix policy
evaluation to match the proprietary JDK. # IcedTeaNPPlugin. *
RH524387: javax.net.ssl.SSLKeyException: RSA premaster secret error *
Set context classloader for all threads in an applet's threadgroup *
PR436: Close all applet threads on exit * PR480: NPPlugin with
NoScript extension. * PR488: Question mark changing into underscore in
URL. * RH592553: Fix bug causing 100% CPU usage. * Don't generate a
random pointer from a pthread_t in the debug output. * Add
ForbiddenTargetException for legacy support.

- Use variadic macro for plugin debug message printing. *
Don't link the plugin with libxul libraries. * Fix race
conditions in plugin initialization code that were
causing hangs. * RH506730: BankID (Norwegian common
online banking authentication system) applet fails to
load. * PR491: pass java_{code,codebase,archive}
parameters to Java. * Adds javawebstart.version property
and give user permission to read that property. # NetX:
* Fix security flaw in NetX that allows arbitrary
unsigned apps to set any java property. * Fix a flaw
that allows unsigned code to access any file on the
machine (accessible to the user) and write to it. * Make
path sanitization consistent; use a blacklisting
approach. * Make the SingleInstanceServer thread a
daemon thread. * Handle JNLP files which use native
libraries but do not indicate it * Allow JNLP
classloaders to share native libraries * Added encoding
support # PulseAudio: * Eliminate spurious exception
throwing. # Zero/Shark: * PR483: Fix miscompilation of
sun.misc.Unsafe::getByte. * PR324,PR481: Fix Shark VM
crash. * Fix Zero build on Hitachi SH. # SystemTap
support: * PR476: Enable building SystemTap support on
GCC 4.5.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :


Solution :

Update the affected java-1.6.0-openjdk package.

Risk factor :


Family: Fedora Local Security Checks

Nessus Plugin ID: 48331 (fedora_2010-12759.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now