Security packages for Java posted for testing (SL 4 and SL5)

Mon, 24 Oct 2011 11:21:25 -0700 

Security packages for Java posted for testing at

ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/i386/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/x86_64/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/
Next week these packages will be officially released. This delay is to allow you time to test and verify your production applications will run as expected once this security update is applied.
If you do not want this security update please consult your site's local security policy to determine how you should proceed. Scientific Linux will automatically feature this update next week. 




The update advisory is posted below:

Synopsis:    Critical: java-1.6.0-sun security update
Issue Date:  2011-10-19
CVE Numbers: CVE-2011-3389
             CVE-2011-3560
             CVE-2011-3547
             CVE-2011-3551
             CVE-2011-3552
             CVE-2011-3544
             CVE-2011-3521
             CVE-2011-3554
             CVE-2011-3556
             CVE-2011-3557
             CVE-2011-3548
             CVE-2011-3553
             CVE-2011-3558
             CVE-2011-3545
             CVE-2011-3549
             CVE-2011-3550
             CVE-2011-3516
             CVE-2011-3546
             CVE-2011-3555
             CVE-2011-3561


The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and
the Sun Java 6 Software Development Kit.

This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section. (CVE-2011-3389,
CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546,
CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551,
CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556,
CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561)

All users of java-1.6.0-sun are advised to upgrade to these updated
packages, which provide JDK and JRE 6 Update 29 and resolve these issues.
All running instances of Sun Java must be restarted for the update to take
effect.

--
Pat Riehecky
Scientific Linux Developer

Reply via email to