Fedora 16 : java-1.6.0-openjdk-1.6.0.0-71.1.11.6.fc16 (2013-2197)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

This is rebuild of java-1.6.0-openjdk-1.6.0.0-69.1.11.6.fc16 with
removed 7201064 and added 8005615 so :

kept rewritten java-1.6.0-openjdk-java-access-bridgesecurity.patch
kept icedtea6 1.11.6 Security fixes: S8005615, fix for S6664509
S6563318, CVE-2013-0424: RMI data sanitization S6664509,
CVE-2013-0425: Add logging context S6664528, CVE-2013-0426: Find log
level matching its name or value given at construction time S6776941:
CVE-2013-0427: Improve thread pool shutdown S7141694, CVE-2013-0429:
Improving CORBA internals S7173145: Improve in-memory representation
of splashscreens S7186945: Unpack200 improvement S7186946: Refine
unpacker resource usage S7186948: Improve Swing data validation
S7186952, CVE-2013-0432: Improve clipboard access S7186954: Improve
connection performance S7186957: Improve Pack200 data validation
S7192392, CVE-2013-0443: Better validation of client keys S7192393,
CVE-2013-0440: Better Checking of order of TLS Messages S7192977,
CVE-2013-0442: Issue in toolkit thread S7197546, CVE-2013-0428:
(proxy) Reflect about creating reflective proxies S7200491: Tighten up
JTable layout code S7200500: Launcher better input validation
S7201066, CVE-2013-0441: Change modifiers on unused fields S7201068,
CVE-2013-0435: Better handling of UI elements S7201070: Serialization
to conform to protocol S7201071, CVE-2013-0433: InetSocketAddress
serialization issue S8000210: Improve JarFile code quality S8000537,
CVE-2013-0450: Contextualize RequiredModelMBean class S8000540,
CVE-2013-1475: Improve IIOP type reuse management S8000631,
CVE-2013-1476: Restrict access to class constructor S8001235,
CVE-2013-0434: Improve JAXP HTTP handling S8001242: Improve RMI HTTP
conformance S8001307: Modify ACC_SUPER behavior S8001972,
CVE-2013-1478: Improve image processing S8002325, CVE-2013-1480:
Improve management of images Backports S7010849: 5/5 Extraneous javac
source/target options when building sa-jdi

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?84699316

Solution :

Update the affected java-1.6.0-openjdk package.

Risk factor :

High

Family: Fedora Local Security Checks

Nessus Plugin ID: 64548 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now