Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0511)
High Nessus Plugin ID 90174
SynopsisThe remote Oracle Linux host is missing one or more security updates.
DescriptionFrom Red Hat Security Advisory 2016:0511 :
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs.
Security Fix(es) :
* An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)
SolutionUpdate the affected java-1.7.0-openjdk packages.