Security packages for Java posted for testing at ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/ ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/
Next week these packages will be officially released. This delay is to allow you time to test and verify your production applications will run as expected once this security update is applied. If you do not want this security update please consult your site's local security policy to determine how you should proceed. Scientific Linux will automatically feature this update next week. As a reminder, the closed source Java6 packages are not present in Scientific Linux 5.9. Public updates to the closed source package are being discontinued by upstream. Scientific Linux 6 has never included the closed source Java packages. http://www.oracle.com/technetwork/java/eol-135779.html The update advisory is posted below: Synopsis: Critical: jdk-1.6.0 security update Issue Date: 2013-02-01 CVE Numbers: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page
