Synopsis:	Moderate: java-1.6.0-openjdk security update
Issue date:	2011-02-10
CVE Names:	CVE-2010-4476


A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to 
cause Java-based applications to hang, for instance if they parse Double 
values in a specially-crafted HTTP request. (CVE-2010-4476)

All running instances of OpenJDK Java must be restarted for the update 
to take effect.

SL 5.x

     SRPMS:
java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.src.rpm
     i386:
java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.18.b17.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.18.b17.el5.i386.rpm
     x86_64:
java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.18.b17.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.18.b17.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson