Synopsis:	Moderate: java-1.6.0-openjdk security update
Issue date:	2011-02-10
CVE Names:	CVE-2010-4476

A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to 
cause Java-based applications to hang, for instance if they parse Double 
values in a specially-crafted HTTP request. (CVE-2010-4476)

All running instances of OpenJDK Java must be restarted for the update 
to take effect.

SL 6.x

      SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm
      i386:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.i686.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.i686.rpm
      x86_64:
java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.x86_64.rpm

-Connie Sieh
-Troy Dawson