Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2012:021)
Critical Nessus Plugin ID 58026
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple security issues were identified and fixed in OpenJDK (icedtea6) :
Fix issues in java sound (CVE-2011-3563).
Fix in AtomicReferenceArray (CVE-2011-3571).
Add property to limit number of request headers to the HTTP Server (CVE-2011-5035).
Incorect checking for graphics rendering object (CVE-2012-0497).
Multiple unspecified vulnerabilities allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2012-0498. CVE-2012-0499, CVE-2012-0500).
Better input parameter checking in zip file processing (CVE-2012-0501).
Issues with some KeyboardFocusManager method (CVE-2012-0502).
Issues with TimeZone class (CVE-2012-0503).
Enhance exception throwing mechanism in ObjectStreamClass (CVE-2012-0505).
Issues with some method in corba (CVE-2012-0506).
The updated packages provides icedtea6-1.10.6 which is not vulnerable to these issues.
SolutionUpdate the affected packages.