Security packages for Java posted for testing at
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/
Next week these packages will be officially released. This delay is to
allow you time to test and verify your production applications will run
as expected once this security update is applied.
If you do not want this security update please consult your site's
local security policy to determine how you should proceed. Scientific
Linux will automatically feature this update next week.
As a reminder, the openjdk Java environment is available in Scientific
Linux 5. Updates for openjdk are released in a similar manner to other
security updates. Additionally, Scientific Linux 6 does not bundle the
closed source Java environment. So if you are planning to move to
Scientific Linux 6 in the future, you may wish to begin the java
migration to openjdk at this time.
The update advisory is posted below:
Synopsis: Critical: java-1.6.0-sun security update
Issue Date: 2012-10-18
CVE Numbers: CVE-2012-0547
CVE-2012-4416
CVE-2012-3216
CVE-2012-5068
CVE-2012-5077
CVE-2012-5073
CVE-2012-5075
CVE-2012-5072
CVE-2012-5081
CVE-2012-5086
CVE-2012-5084
CVE-2012-5089
CVE-2012-5071
CVE-2012-5069
CVE-2012-5085
CVE-2012-5079
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-3143
CVE-2012-3159
CVE-2012-5083
--
Oracle Java SE version 6 includes the Oracle Java Runtime Environment
and the Oracle Java Software Development Kit.
This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory and Oracle Security Alert pages. (CVE-2012-0547,
CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159,
CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071,
CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079,
CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086,
CVE-2012-5089)
All running instances of Oracle/Sun Java must be restarted for the
update to take effect.
--
SL5
x86_64
java-1.6.0-sun-compat-1.6.0.37-3.sl5.jpp.i586.rpm
java-1.6.0-sun-compat-1.6.0.37-3.sl5.jpp.x86_64.rpm
jdk-1.6.0_37-fcs.i586.rpm
jdk-1.6.0_37-fcs.x86_64.rpm
i386
java-1.6.0-sun-compat-1.6.0.37-3.sl5.jpp.i586.rpm
jdk-1.6.0_37-fcs.i586.rpm
|