Synopsis: Moderate: java-1.6.0-openjdk security update Issue date: 2011-02-10 CVE Names: CVE-2010-4476 A denial of service flaw was found in the way certain strings were converted to Double objects. A remote attacker could use this flaw to cause Java-based applications to hang, for instance if they parse Double values in a specially-crafted HTTP request. (CVE-2010-4476) All running instances of OpenJDK Java must be restarted for the update to take effect. SL 6.x SRPMS: java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.36.b17.el6_0.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.36.b17.el6_0.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.36.b17.el6_0.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.36.b17.el6_0.x86_64.rpm -Connie Sieh -Troy Dawson