Synopsis: Medium: java (jdk 1.6.0) security update Issue date: 2009-01-17 CVE Names: CVE-2008-2086 A vulnerability was found in in Java Web Start. If a user visits a malicious website, an attacker could misuse this flaw to execute arbitrary code. (CVE-2008-2086) Additionally, these packages fix several other critical vulnerabilities. These are summarized in the "Advance notification of Security Updates for Java SE" from Sun Microsystems. SL 4.x SRPMS: java-1.6.0-sun-compat-1.6.0.12-1.sl4.jpp.src.rpm i386: java-1.6.0-sun-compat-1.6.0.12-1.sl4.jpp.i586.rpm jdk-1.6.0_12-fcs.i586.rpm x86_64: java-1.6.0-sun-compat-1.6.0.12-1.sl4.jpp.i586.rpm jdk-1.6.0_12-fcs.i586.rpm SL 5.x SRPMS: java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.src.rpm i386: java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.i586.rpm jdk-1.6.0_12-fcs.i586.rpm x86_64: java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.i586.rpm java-1.6.0-sun-compat-1.6.0.12-1.sl5.jpp.x86_64.rpm jdk-1.6.0_12-fcs.i586.rpm jdk-1.6.0_12-fcs.x86_64.rpm -Connie Sieh -Troy Dawson