SCIENTIFIC-LINUX-USERS Archives

February 2013

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Posted for testing: security packages for Java (SL5.0 - 5.8)
From:
Pat Riehecky <[log in to unmask]>
Reply To:
Pat Riehecky <[log in to unmask]>
Date:
Thu, 21 Feb 2013 08:22:18 -0600
Content-Type:
text/plain
Parts/Attachments:
text/plain (32 lines) 
Security packages for Java posted for testing at

ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/
ftp://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/

Next week these packages will be officially released.  This delay is to
allow you time to test and verify your production applications will run
as expected once this security update is applied.

If you do not want this security update please consult your site's
local security policy to determine how you should proceed.  Scientific
Linux will automatically feature this update next week.

As a reminder, the closed source Java6 packages are not present in
Scientific Linux 5.9.  Public updates to the closed source package
are being discontinued by upstream.  Scientific Linux 6 has never
included the closed source Java packages.

http://www.oracle.com/technetwork/java/eol-135779.html


The update advisory is posted below:

Synopsis: Critical: jdk-1.6.0 security update
Issue Date: 2013-02-20
CVE Numbers:  CVE-2013-0169 CVE-2013-1486 CVE-2013-1487

This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE
Critical Patch Update Advisory page

ATOM RSS1 RSS2