LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

June 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS June 2012

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security packages for Java posted for testing (SL5)
From:	Pat Riehecky <[log in to unmask]>
Reply To:	Pat Riehecky <[log in to unmask]>
Date:	Wed, 13 Jun 2012 16:04:57 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (53 lines)

Security packages for Java posted for testing at

ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/

Next week these packages will be officially released.  This delay is to
allow you time to test and verify your production applications will run
as expected once this security update is applied.

If you do not want this security update please consult your site's
local security policy to determine how you should proceed.  Scientific
Linux will automatically feature this update next week.

As a reminder, the openjdk Java environment is available in Scientific
Linux 5.  Updates for it are released in a similar manner to other
security updates.  Additionally, Scientific Linux 6 uses it for the
Java environment.  So if you are planning to move to that platform
you can begin that migration on Scientific Linux 5.




The update advisory is posted below:

Synopsis: Critical: java-1.6.0-sun security update
Issue Date: 2012-06-13
CVE Numbers:CVE-2012-0551 CVE-2012-1711 CVE-2012-1713
                    CVE-2012-1716 CVE-2012-1717 CVE-2012-1718
                    CVE-2012-1719 CVE-2012-1721 CVE-2012-1722
                    CVE-2012-1723 CVE-2012-1724 CVE-2012-1725

The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment
and the Sun Java 6 Software Development Kit.

This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE
Critical Patch page, listed in the References section. (CVE-2012-0551,
CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717,
CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722,
CVE-2012-1723, CVE-2012-1724, CVE-2012-1725)

All users of java-1.6.0-sun are advised to upgrade to these updated
packages, which provide JDK and JRE 6 Update 33 and resolve these
issues.

All running instances of Sun Java must be restarted for the update to
take effect.

-- 
Pat Riehecky
Scientific Linux Developer

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV