Synopsis: Important: java-1.7.0-openjdk security update Issue Date: 2013-01-16 CVE Numbers: CVE-2013-0422 CVE-2012-3174 -- Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-3174, CVE-2013-0422) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.4. All running instances of OpenJDK Java must be restarted for the update to take effect. -- SL5 x86_64 java-1.7.0-openjdk-1.7.0.9-2.3.4.el5_9.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.4.el5_9.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.4.el5_9.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.4.el5_9.1.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.4.el5_9.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.4.el5_9.1.x86_64.rpm i386 java-1.7.0-openjdk-1.7.0.9-2.3.4.el5_9.1.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.4.el5_9.1.i386.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.4.el5_9.1.i386.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.4.el5_9.1.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.4.el5_9.1.i386.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.4.el5_9.1.i386.rpm SL6 x86_64 java-1.7.0-openjdk-1.7.0.9-2.3.4.1.el6_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.4.1.el6_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.4.1.el6_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.4.1.el6_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.4.1.el6_3.x86_64.rpm i386 java-1.7.0-openjdk-1.7.0.9-2.3.4.1.el6_3.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.4.1.el6_3.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.4.1.el6_3.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.4.1.el6_3.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.4.1.el6_3.i686.rpm noarch java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.4.1.el6_3.noarch.rpm - Scientific Linux Development Team