Posted for testing: security packages for Java (SL5)

Tue, 23 Oct 2012 08:18:41 -0700 

Security packages for Java posted for testing at

ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/

Next week these packages will be officially released.  This delay is to
allow you time to test and verify your production applications will run
as expected once this security update is applied.

If you do not want this security update please consult your site's
local security policy to determine how you should proceed.  Scientific
Linux will automatically feature this update next week.

As a reminder, the openjdk Java environment is available in Scientific
Linux 5.  Updates for openjdk are released in a similar manner to other
security updates.  Additionally, Scientific Linux 6 does not bundle the
closed source Java environment.  So if you are planning to move to
Scientific Linux 6 in the future, you may wish to begin the java
migration to openjdk at this time.




The update advisory is posted below:

Synopsis:          Critical: java-1.6.0-sun security update
Issue Date:        2012-10-18
CVE Numbers:       CVE-2012-0547
                   CVE-2012-4416
                   CVE-2012-3216
                   CVE-2012-5068
                   CVE-2012-5077
                   CVE-2012-5073
                   CVE-2012-5075
                   CVE-2012-5072
                   CVE-2012-5081
                   CVE-2012-5086
                   CVE-2012-5084
                   CVE-2012-5089
                   CVE-2012-5071
                   CVE-2012-5069
                   CVE-2012-5085
                   CVE-2012-5079
                   CVE-2012-1531
                   CVE-2012-1532
                   CVE-2012-1533
                   CVE-2012-3143
                   CVE-2012-3159
                   CVE-2012-5083
--

Oracle Java SE version 6 includes the Oracle Java Runtime Environment
and the Oracle Java Software Development Kit.

This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory and Oracle Security Alert pages. (CVE-2012-0547,
CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159,
CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071,
CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079,
CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086,
CVE-2012-5089)

All running instances of Oracle/Sun Java must be restarted for the
update to take effect.
--

SL5
  x86_64
    java-1.6.0-sun-compat-1.6.0.37-3.sl5.jpp.i586.rpm
    java-1.6.0-sun-compat-1.6.0.37-3.sl5.jpp.x86_64.rpm
    jdk-1.6.0_37-fcs.i586.rpm
    jdk-1.6.0_37-fcs.x86_64.rpm
  i386
    java-1.6.0-sun-compat-1.6.0.37-3.sl5.jpp.i586.rpm
    jdk-1.6.0_37-fcs.i586.rpm

Reply via email to