Unfortunately, I do not know.
Pat
On 02/05/2013 11:13 AM, Robert Blair wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Are the open source versions subject to similar issues? I see the
openjdk.org site has recent security updates but there don't seem to be
corresponding updates to TUV rpm's.
Thanks,
Bob Blair
On 02/05/2013 11:07 AM, Pat Riehecky wrote:
Security packages for Java posted for testing at
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/
Next week these packages will be officially released. This delay is to
allow you time to test and verify your production applications will run
as expected once this security update is applied.
If you do not want this security update please consult your site's
local security policy to determine how you should proceed. Scientific
Linux will automatically feature this update next week.
As a reminder, the closed source Java6 packages are not present in
Scientific Linux 5.9. Public updates to the closed source package
are being discontinued by upstream. Scientific Linux 6 has never
included the closed source Java packages.
http://www.oracle.com/technetwork/java/eol-135779.html
The update advisory is posted below:
Synopsis: Critical: jdk-1.6.0 security update
Issue Date: 2013-02-01
CVE Numbers: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342
CVE-2013-0351 CVE-2013-0409 CVE-2013-0419
CVE-2013-0423 CVE-2013-0424 CVE-2013-0425
CVE-2013-0426 CVE-2013-0427 CVE-2013-0428
CVE-2013-0429 CVE-2013-0430 CVE-2013-0432
CVE-2013-0433 CVE-2013-0434 CVE-2013-0435
CVE-2013-0438 CVE-2013-0440 CVE-2013-0441
CVE-2013-0442 CVE-2013-0443 CVE-2013-0445
CVE-2013-0446 CVE-2013-0450 CVE-2013-1473
CVE-2013-1475 CVE-2013-1476 CVE-2013-1478
CVE-2013-1480 CVE-2013-1481
This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE
Critical Patch Update Advisory page
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQEcBAEBAgAGBQJRET2mAAoJEPQM1KNWz8QashMIAK6s9yqG/tSzvcIAUj21SVQp
BWLW3Bqtc503H6W6uXz+BBgr2b/ov3UOxWnSkCAUcHoKUKG+r4Z8K+PA2m5dl9z+
ghD88CR5+qxPPoskYkm04mBNSCc9NHastz5AzfDPpzRLUT5TCC3PvCB9Ha8za9In
Jb6csORr7yZEhMKstTDld3m0S9GKkFksyyMIzDnn6EpDrVyQlYjZmylE2r4Nouen
g9AWOoj82rPUHvh9LTBi/LSm1PUxgVHnOJ5a/rh/GdqXFu6iXD0XkkFgyxPTaRnO
hjetVaWGlpqaciZKI18W3uPVLTTGeNWo+0dAMwLG3lnrCAKdyW3j4fKLuoRzbXU=
=Hd71
-----END PGP SIGNATURE-----
--
Pat Riehecky
Scientific Linux Developer
