LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

October 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS October 2011

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security packages for Java posted for testing (SL 4 and SL5)
From:	Pat Riehecky <[log in to unmask]>
Reply To:	Pat Riehecky <[log in to unmask]>
Date:	Mon, 24 Oct 2011 13:18:06 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (65 lines)

Security packages for Java posted for testing at

ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/i386/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/40rolling/testing/x86_64/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/

Next week these packages will be officially released.  This delay is to 
allow you time to test and verify your production applications will run 
as expected once this security update is applied.

If you do not want this security update please consult your site's local 
security policy to determine how you should proceed.  Scientific Linux 
will automatically feature this update next week.




The update advisory is posted below:

Synopsis:    Critical: java-1.6.0-sun security update
Issue Date:  2011-10-19
CVE Numbers: CVE-2011-3389
              CVE-2011-3560
              CVE-2011-3547
              CVE-2011-3551
              CVE-2011-3552
              CVE-2011-3544
              CVE-2011-3521
              CVE-2011-3554
              CVE-2011-3556
              CVE-2011-3557
              CVE-2011-3548
              CVE-2011-3553
              CVE-2011-3558
              CVE-2011-3545
              CVE-2011-3549
              CVE-2011-3550
              CVE-2011-3516
              CVE-2011-3546
              CVE-2011-3555
              CVE-2011-3561


The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and
the Sun Java 6 Software Development Kit.

This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch page, listed in the References section. (CVE-2011-3389,
CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546,
CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551,
CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556,
CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561)

All users of java-1.6.0-sun are advised to upgrade to these updated
packages, which provide JDK and JRE 6 Update 29 and resolve these issues.
All running instances of Sun Java must be restarted for the update to take
effect.

-- 
Pat Riehecky
Scientific Linux Developer

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV