CentOS 6 : java-1.7.0-openjdk (CESA-2016:0511)
High Nessus Plugin ID 90156
SynopsisThe remote CentOS host is missing one or more security updates.
DescriptionAn update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs.
Security Fix(es) :
* An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
SolutionUpdate the affected java-1.7.0-openjdk packages.