Synopsis: Medium: java (jdk 1.6.0) security update
Issue date: 2009-01-17
CVE Names: CVE-2008-2086
A vulnerability was found in in Java Web Start. If a user visits a
malicious website, an attacker could misuse this flaw to execute
arbitrary code. (CVE-2008-2086)
Additionally, these packages fix several other critical vulnerabilities.
These are summarized in the "Advance notification of Security Updates
for Java SE" from Sun Microsystems.
SL 4.x
SRPMS:
java-1.6.0-sun-compat-1.6.0.12-1.sl4.jpp.src.rpm
i386:
java-1.6.0-sun-compat-1.6.0.12-1.sl4.jpp.i586.rpm
jdk-1.6.0_12-fcs.i586.rpm
x86_64:
java-1.6.0-sun-compat-1.6.0.12-1.sl4.jpp.i586.rpm
jdk-1.6.0_12-fcs.i586.rpm
SL 5.x
SRPMS:
java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.src.rpm
i386:
java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.i586.rpm
jdk-1.6.0_12-fcs.i586.rpm
x86_64:
java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.i586.rpm
java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.x86_64.rpm
jdk-1.6.0_12-fcs.i586.rpm
jdk-1.6.0_12-fcs.x86_64.rpm
-Connie Sieh
-Troy Dawson