Note: jdk-1.6.0_16-fcs.x86_64.rpm could not be signed. All other rpm's are signed with the usual signature. We are sorry for the inconvenience that this causes. Troy Dawson Troy J Dawson wrote: > Synopsis: Critical: java (jdk 1.6.0) security update > Issue date: 2009-08-24 > CVE Names: CVE-2009-0217 CVE-2009-2475 CVE-2009-2476 > CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 > CVE-2009-2672 CVE-2009-2673 CVE-2009-2674 > CVE-2009-2675 CVE-2009-2676 CVE-2009-2690 > > CVE-2009-0217 xmlsec1, mono, xml-security-c, > xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing > and authentication bypass > CVE-2009-2670 OpenJDK Untrusted applet System properties access (6738524) > CVE-2009-2671 CVE-2009-2672 OpenJDK Proxy mechanism information leaks > (6801071) > CVE-2009-2673 OpenJDK proxy mechanism allows non-authorized socket > connections (6801497) > CVE-2009-2674 Java Web Start Buffer JPEG processing integer overflow > (6823373) > CVE-2009-2675 Java Web Start Buffer unpack200 processing integer > overflow (6830335) > CVE-2009-2625 OpenJDK XML parsing Denial-Of-Service (6845701) > CVE-2009-2475 OpenJDK information leaks in mutable variables > (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167) > CVE-2009-2476 OpenJDK OpenType checks can be bypassed (6736293) > CVE-2009-2690 OpenJDK private variable information disclosure (6777487) > CVE-2009-2676 JRE applet launcher vulnerability > > All running instances of Sun Java must be restarted for the update to > take effect. > > > SL 4.x > > SRPMS: > java-1.6.0-sun-compat-1.6.0.16-1.sl4.jpp.src.rpm > i386: > java-1.6.0-sun-compat-1.6.0.16-1.sl4.jpp.i586.rpm > jdk-1.6.0_16-fcs.i586.rpm > x86_64: > java-1.6.0-sun-compat-1.6.0.16-1.sl4.jpp.i586.rpm > jdk-1.6.0_16-fcs.i586.rpm > > SL 5.x > > SRPMS: > java-1.6.0-sun-compat-1.6.0.16-1.sl5.jpp.src.rpm > i386: > java-1.6.0-sun-compat-1.6.0.16-1.sl5.jpp.i586.rpm > jdk-1.6.0_16-fcs.i586.rpm > x86_64: > java-1.6.0-sun-compat-1.6.0.16-1.sl5.jpp.i586.rpm > java-1.6.0-sun-compat-1.6.0.16-1.sl5.jpp.x86_64.rpm > jdk-1.6.0_16-fcs.i586.rpm > jdk-1.6.0_16-fcs.x86_64.rpm > > -Connie Sieh > -Troy Dawson > > > > -- __________________________________________________ Troy Dawson [log in to unmask] (630)840-6468 Fermilab ComputingDivision/LCSI/CSI LMSS Group __________________________________________________