1 |
type: security |
2 |
subject: Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities |
3 |
CVE: |
4 |
- CVE-2013-1500 |
5 |
- CVE-2013-1571 |
6 |
- CVE-2013-2407 |
7 |
- CVE-2013-2412 |
8 |
- CVE-2013-2443 |
9 |
- CVE-2013-2444 |
10 |
- CVE-2013-2445 |
11 |
- CVE-2013-2446 |
12 |
- CVE-2013-2447 |
13 |
- CVE-2013-2448 |
14 |
- CVE-2013-2449 |
15 |
- CVE-2013-2450 |
16 |
- CVE-2013-2452 |
17 |
- CVE-2013-2453 |
18 |
- CVE-2013-2454 |
19 |
- CVE-2013-2455 |
20 |
- CVE-2013-2456 |
21 |
- CVE-2013-2457 |
22 |
- CVE-2013-2458 |
23 |
- CVE-2013-2459 |
24 |
- CVE-2013-2460 |
25 |
- CVE-2013-2461 |
26 |
- CVE-2013-2463 |
27 |
- CVE-2013-2465 |
28 |
- CVE-2013-2469 |
29 |
- CVE-2013-2470 |
30 |
- CVE-2013-2471 |
31 |
- CVE-2013-2472 |
32 |
- CVE-2013-2473 |
33 |
src: |
34 |
2: |
35 |
core: |
36 |
- java-1.7.0-openjdk-1.7.0.25-2.3.10.1.mga2 |
37 |
3: |
38 |
core: |
39 |
- java-1.7.0-openjdk-1.7.0.25-2.3.10.1.mga3 |
40 |
- icedtea-web-1.3.2-1.1.mga3 |
41 |
description: | |
42 |
Multiple flaws were discovered in the ImagingLib and the image attribute, |
43 |
channel, layout and raster processing in the 2D component. An untrusted |
44 |
Java application or applet could possibly use these flaws to trigger Java |
45 |
Virtual Machine memory corruption (CVE-2013-2470, CVE-2013-2471, |
46 |
CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469). |
47 |
|
48 |
Integer overflow flaws were found in the way AWT processed certain input. |
49 |
An attacker could use these flaws to execute arbitrary code with the |
50 |
privileges of the user running an untrusted Java applet or application |
51 |
(CVE-2013-2459). |
52 |
|
53 |
Multiple improper permission check issues were discovered in the Sound, |
54 |
JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An |
55 |
untrusted Java application or applet could use these flaws to bypass Java |
56 |
sandbox restrictions (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458, |
57 |
CVE-2013-2457, CVE-2013-2453, CVE-2013-2460). |
58 |
|
59 |
Multiple flaws in the Serialization, Networking, Libraries and CORBA |
60 |
components can be exploited by an untrusted Java application or applet to |
61 |
gain access to potentially sensitive information (CVE-2013-2456, |
62 |
CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446). |
63 |
|
64 |
It was discovered that the Hotspot component did not properly handle |
65 |
out-of-memory errors. An untrusted Java application or applet could |
66 |
possibly use these flaws to terminate the Java Virtual Machine |
67 |
(CVE-2013-2445). |
68 |
|
69 |
It was discovered that the AWT component did not properly manage certain |
70 |
resources and that the ObjectStreamClass of the Serialization component |
71 |
did not properly handle circular references. An untrusted Java application |
72 |
or applet could possibly use these flaws to cause a denial of service |
73 |
(CVE-2013-2444, CVE-2013-2450). |
74 |
|
75 |
It was discovered that the Libraries component contained certain errors |
76 |
related to XML security and the class loader. A remote attacker could |
77 |
possibly exploit these flaws to bypass intended security mechanisms or |
78 |
disclose potentially sensitive information and cause a denial of service |
79 |
(CVE-2013-2407, CVE-2013-2461). |
80 |
|
81 |
It was discovered that JConsole did not properly inform the user when |
82 |
establishing an SSL connection failed. An attacker could exploit this flaw |
83 |
to gain access to potentially sensitive information (CVE-2013-2412). |
84 |
|
85 |
It was discovered that GnomeFileTypeDetector did not check for read |
86 |
permissions when accessing files. An untrusted Java application or applet |
87 |
could possibly use this flaw to disclose potentially sensitive information |
88 |
(CVE-2013-2449). |
89 |
|
90 |
It was found that documentation generated by Javadoc was vulnerable to a |
91 |
frame injection attack. If such documentation was accessible over a |
92 |
network, and a remote attacker could trick a user into visiting a |
93 |
specially-crafted URL, it would lead to arbitrary web content being |
94 |
displayed next to the documentation. This could be used to perform a |
95 |
phishing attack by providing frame content that spoofed a login form on |
96 |
the site hosting the vulnerable documentation (CVE-2013-1571). |
97 |
|
98 |
It was discovered that the 2D component created shared memory segments with |
99 |
insecure permissions. A local attacker could use this flaw to read or write |
100 |
to the shared memory segment (CVE-2013-1500). |
101 |
|
102 |
Additionally, this OpenJDK update causes icedtea-web, the Java browser |
103 |
plugin, to crash, so icedtea-web has been patched to fix this on Mageia 3. |
104 |
|
105 |
Note that on Mageia 2, icedtea-web uses java-1.6.0-openjdk, which has not |
106 |
yet been updated to fix these security issues. An ETA for that update is |
107 |
not known at this time. |
108 |
references: |
109 |
- http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html |
110 |
- https://rhn.redhat.com/errata/RHSA-2013-0957.html |
111 |
- https://rhn.redhat.com/errata/RHBA-2013-0959.html |
112 |
- https://bugs.mageia.org/show_bug.cgi?id=10564 |