1 |
claire |
74 |
type: security |
2 |
|
|
subject: Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities |
3 |
|
|
CVE: |
4 |
|
|
- CVE-2013-1500 |
5 |
|
|
- CVE-2013-1571 |
6 |
|
|
- CVE-2013-2407 |
7 |
|
|
- CVE-2013-2412 |
8 |
|
|
- CVE-2013-2443 |
9 |
|
|
- CVE-2013-2444 |
10 |
|
|
- CVE-2013-2445 |
11 |
|
|
- CVE-2013-2446 |
12 |
|
|
- CVE-2013-2447 |
13 |
|
|
- CVE-2013-2448 |
14 |
|
|
- CVE-2013-2449 |
15 |
|
|
- CVE-2013-2450 |
16 |
|
|
- CVE-2013-2452 |
17 |
|
|
- CVE-2013-2453 |
18 |
|
|
- CVE-2013-2454 |
19 |
|
|
- CVE-2013-2455 |
20 |
|
|
- CVE-2013-2456 |
21 |
|
|
- CVE-2013-2457 |
22 |
|
|
- CVE-2013-2458 |
23 |
|
|
- CVE-2013-2459 |
24 |
|
|
- CVE-2013-2460 |
25 |
|
|
- CVE-2013-2461 |
26 |
|
|
- CVE-2013-2463 |
27 |
|
|
- CVE-2013-2465 |
28 |
|
|
- CVE-2013-2469 |
29 |
|
|
- CVE-2013-2470 |
30 |
|
|
- CVE-2013-2471 |
31 |
|
|
- CVE-2013-2472 |
32 |
|
|
- CVE-2013-2473 |
33 |
|
|
src: |
34 |
|
|
2: |
35 |
|
|
core: |
36 |
|
|
- java-1.7.0-openjdk-1.7.0.25-2.3.10.1.mga2 |
37 |
|
|
3: |
38 |
|
|
core: |
39 |
|
|
- java-1.7.0-openjdk-1.7.0.25-2.3.10.1.mga3 |
40 |
|
|
- icedtea-web-1.3.2-1.1.mga3 |
41 |
|
|
description: | |
42 |
|
|
Multiple flaws were discovered in the ImagingLib and the image attribute, |
43 |
|
|
channel, layout and raster processing in the 2D component. An untrusted |
44 |
|
|
Java application or applet could possibly use these flaws to trigger Java |
45 |
|
|
Virtual Machine memory corruption (CVE-2013-2470, CVE-2013-2471, |
46 |
|
|
CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469). |
47 |
|
|
|
48 |
|
|
Integer overflow flaws were found in the way AWT processed certain input. |
49 |
|
|
An attacker could use these flaws to execute arbitrary code with the |
50 |
|
|
privileges of the user running an untrusted Java applet or application |
51 |
|
|
(CVE-2013-2459). |
52 |
|
|
|
53 |
|
|
Multiple improper permission check issues were discovered in the Sound, |
54 |
|
|
JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An |
55 |
|
|
untrusted Java application or applet could use these flaws to bypass Java |
56 |
|
|
sandbox restrictions (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458, |
57 |
|
|
CVE-2013-2457, CVE-2013-2453, CVE-2013-2460). |
58 |
|
|
|
59 |
|
|
Multiple flaws in the Serialization, Networking, Libraries and CORBA |
60 |
|
|
components can be exploited by an untrusted Java application or applet to |
61 |
|
|
gain access to potentially sensitive information (CVE-2013-2456, |
62 |
|
|
CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446). |
63 |
|
|
|
64 |
|
|
It was discovered that the Hotspot component did not properly handle |
65 |
|
|
out-of-memory errors. An untrusted Java application or applet could |
66 |
|
|
possibly use these flaws to terminate the Java Virtual Machine |
67 |
|
|
(CVE-2013-2445). |
68 |
|
|
|
69 |
|
|
It was discovered that the AWT component did not properly manage certain |
70 |
|
|
resources and that the ObjectStreamClass of the Serialization component |
71 |
|
|
did not properly handle circular references. An untrusted Java application |
72 |
|
|
or applet could possibly use these flaws to cause a denial of service |
73 |
|
|
(CVE-2013-2444, CVE-2013-2450). |
74 |
|
|
|
75 |
|
|
It was discovered that the Libraries component contained certain errors |
76 |
|
|
related to XML security and the class loader. A remote attacker could |
77 |
|
|
possibly exploit these flaws to bypass intended security mechanisms or |
78 |
|
|
disclose potentially sensitive information and cause a denial of service |
79 |
|
|
(CVE-2013-2407, CVE-2013-2461). |
80 |
|
|
|
81 |
|
|
It was discovered that JConsole did not properly inform the user when |
82 |
|
|
establishing an SSL connection failed. An attacker could exploit this flaw |
83 |
|
|
to gain access to potentially sensitive information (CVE-2013-2412). |
84 |
|
|
|
85 |
|
|
It was discovered that GnomeFileTypeDetector did not check for read |
86 |
|
|
permissions when accessing files. An untrusted Java application or applet |
87 |
|
|
could possibly use this flaw to disclose potentially sensitive information |
88 |
|
|
(CVE-2013-2449). |
89 |
|
|
|
90 |
|
|
It was found that documentation generated by Javadoc was vulnerable to a |
91 |
|
|
frame injection attack. If such documentation was accessible over a |
92 |
|
|
network, and a remote attacker could trick a user into visiting a |
93 |
|
|
specially-crafted URL, it would lead to arbitrary web content being |
94 |
|
|
displayed next to the documentation. This could be used to perform a |
95 |
|
|
phishing attack by providing frame content that spoofed a login form on |
96 |
|
|
the site hosting the vulnerable documentation (CVE-2013-1571). |
97 |
|
|
|
98 |
|
|
It was discovered that the 2D component created shared memory segments with |
99 |
|
|
insecure permissions. A local attacker could use this flaw to read or write |
100 |
|
|
to the shared memory segment (CVE-2013-1500). |
101 |
|
|
|
102 |
|
|
Additionally, this OpenJDK update causes icedtea-web, the Java browser |
103 |
|
|
plugin, to crash, so icedtea-web has been patched to fix this on Mageia 3. |
104 |
|
|
|
105 |
|
|
Note that on Mageia 2, icedtea-web uses java-1.6.0-openjdk, which has not |
106 |
|
|
yet been updated to fix these security issues. An ETA for that update is |
107 |
|
|
not known at this time. |
108 |
|
|
references: |
109 |
|
|
- http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html |
110 |
|
|
- https://rhn.redhat.com/errata/RHSA-2013-0957.html |
111 |
|
|
- https://rhn.redhat.com/errata/RHBA-2013-0959.html |
112 |
|
|
- https://bugs.mageia.org/show_bug.cgi?id=10564 |
113 |
boklm |
97 |
ID: MGASA-2013-0185 |