Security packages for Java posted for testing at
ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/i386/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/x86_64/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/
Next week these packages will be officially released. This delay is to
allow you time to test and verify your production applications will run
as expected once this security update is applied.
If you do not want this security update please consult your site's local
security policy to determine how you should proceed. Scientific Linux
will automatically feature this update next week.
The update advisory is posted below:
Synopsis: Critical: java-1.6.0-sun security update
Issue Date: 2011-10-19
CVE Numbers: CVE-2011-3389
CVE-2011-3560
CVE-2011-3547
CVE-2011-3551
CVE-2011-3552
CVE-2011-3544
CVE-2011-3521
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3548
CVE-2011-3553
CVE-2011-3558
CVE-2011-3545
CVE-2011-3549
CVE-2011-3550
CVE-2011-3516
CVE-2011-3546
CVE-2011-3555
CVE-2011-3561
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and
the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section. (CVE-2011-3389,
CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546,
CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551,
CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556,
CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561)
All users of java-1.6.0-sun are advised to upgrade to these updated
packages, which provide JDK and JRE 6 Update 29 and resolve these issues.
All running instances of Sun Java must be restarted for the update to take
effect.
--
Pat Riehecky
Scientific Linux Developer
|