On the errata list Tue, 4 Sep 2012, Pat Riehecky wrote:

> Synopsis:          Critical: java-1.6.0-openjdk security update
> Issue Date:        2012-09-03
> CVE Numbers:       CVE-2012-1682
>                   CVE-2012-0547

> SL6
>  x86_64
>    java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
>    java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
>    java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
>    java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
>    java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.x86_64.rpm
>  i386
>    java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
>    java-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
>    java-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
>    java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm
>    java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm

I've come across some 64bit SL6 machines with 32 bit 
firefox and java-1.6.0-openjdk installed.
On these machines yum wont update the x86_64 since that
would create a multilib conflict:
Error: Protected multilib versions: 
1:java-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.x86_64 != 
1:java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686

Should the SL6 x86_64 repo not also include the i686 java
(probably both java-1.6.0-openjdk* *and* java-1.7.0-openjdk*)?

-- 
Dr. Andrew C. Aitchison		Computer Officer, DPMMS, Cambridge
[log in to unmask]	http://www.dpmms.cam.ac.uk/~werdna