Fedora 13 : java-1.6.0-openjdk- (2010-12759)

High Nessus Plugin ID 48331


The remote Fedora host is missing a security update.


# S6678385, RH551835: Fixes jvm crashes when window is resized. # Produces the 'expected' behavior for full screen applications, when running the Metacity window manager. # PR453, OJ100142: Fix policy evaluation to match the proprietary JDK. # IcedTeaNPPlugin. * RH524387: javax.net.ssl.SSLKeyException: RSA premaster secret error * Set context classloader for all threads in an applet's threadgroup * PR436: Close all applet threads on exit * PR480: NPPlugin with NoScript extension. * PR488: Question mark changing into underscore in URL. * RH592553: Fix bug causing 100% CPU usage. * Don't generate a random pointer from a pthread_t in the debug output. * Add ForbiddenTargetException for legacy support.

- Use variadic macro for plugin debug message printing. * Don't link the plugin with libxul libraries. * Fix race conditions in plugin initialization code that were causing hangs. * RH506730: BankID (Norwegian common online banking authentication system) applet fails to load. * PR491: pass java_{code,codebase,archive} parameters to Java. * Adds javawebstart.version property and give user permission to read that property. # NetX:
* Fix security flaw in NetX that allows arbitrary unsigned apps to set any java property. * Fix a flaw that allows unsigned code to access any file on the machine (accessible to the user) and write to it. * Make path sanitization consistent; use a blacklisting approach. * Make the SingleInstanceServer thread a daemon thread. * Handle JNLP files which use native libraries but do not indicate it * Allow JNLP classloaders to share native libraries * Added encoding support # PulseAudio: * Eliminate spurious exception throwing. # Zero/Shark: * PR483: Fix miscompilation of sun.misc.Unsafe::getByte. * PR324,PR481: Fix Shark VM crash. * Fix Zero build on Hitachi SH. # SystemTap support: * PR476: Enable building SystemTap support on GCC 4.5.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected java-1.6.0-openjdk package.

See Also


Plugin Details

Severity: High

ID: 48331

File Name: fedora_2010-12759.nasl

Version: $Revision: 1.7 $

Type: local

Agent: unix

Published: 2010/08/14

Modified: 2015/10/20

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk, cpe:/o:fedoraproject:fedora:13

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2010/08/13

Reference Information

OSVDB: 75193, 75194

FEDORA: 2010-12759