[USN-1079-3] OpenJDK 6 vulnerabilities

Steve Beattie sbeattie at ubuntu.com
Thu Mar 17 19:39:18 UTC 2011


===========================================================
Ubuntu Security Notice USN-1079-3            March 17, 2011
openjdk-6b18 vulnerabilities
CVE-2010-4448, CVE-2010-4450, CVE-2010-4465, CVE-2010-4469,
CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4476,
CVE-2011-0706
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.10:
  icedtea6-plugin                 6b18-1.8.7-0ubuntu2.1
  openjdk-6-jre                   6b18-1.8.7-0ubuntu2.1
  openjdk-6-jre-headless          6b18-1.8.7-0ubuntu2.1

After a standard system update you need to restart any Java services,
applications or applets to make all the necessary changes.

Details follow:

USN-1079-2 fixed vulnerabilities in OpenJDK 6 for armel (ARM)
architectures in Ubuntu 9.10 and Ubuntu 10.04 LTS. This update fixes
vulnerabilities in OpenJDK 6 for armel (ARM) architectures for Ubuntu
10.10.

Original advisory details:

 It was discovered that untrusted Java applets could create domain
 name resolution cache entries, allowing an attacker to manipulate
 name resolution within the JVM. (CVE-2010-4448)
 
 It was discovered that the Java launcher did not did not properly
 setup the LD_LIBRARY_PATH environment variable. A local attacker
 could exploit this to execute arbitrary code as the user invoking
 the program. (CVE-2010-4450)
 
 It was discovered that within the Swing library, forged timer events
 could allow bypass of SecurityManager checks. This could allow an
 attacker to access restricted resources. (CVE-2010-4465)
 
 It was discovered that certain bytecode combinations confused memory
 management within the HotSpot JVM. This could allow an attacker to
 cause a denial of service through an application crash or possibly
 inject code. (CVE-2010-4469)
 
 It was discovered that the way JAXP components were handled
 allowed them to be manipulated by untrusted applets. An attacker
 could use this to bypass XML processing restrictions and elevate
 privileges. (CVE-2010-4470)
 
 It was discovered that the Java2D subcomponent, when processing broken
 CFF fonts could leak system properties. (CVE-2010-4471)
 
 It was discovered that a flaw in the XML Digital Signature
 component could allow an attacker to cause untrusted code to
 replace the XML Digital Signature Transform or C14N algorithm
 implementations. (CVE-2010-4472)
 
 Konstantin Preißer and others discovered that specific double literals
 were improperly handled, allowing a remote attacker to cause a denial
 of service. (CVE-2010-4476)
 
 It was discovered that the JNLPClassLoader class when handling multiple
 signatures allowed remote attackers to gain privileges due to the
 assignment of an inappropriate security descriptor. (CVE-2011-0706)


Updated packages for Ubuntu 10.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7-0ubuntu2.1.diff.gz
      Size/MD5:   149561 b35ae7a82db49282379d36e7ece58484
    http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7-0ubuntu2.1.dsc
      Size/MD5:     3015 04cb459aeaab6c228e722caf07a44de9
    http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.7.orig.tar.gz
      Size/MD5: 71430490 b2811b2e53cd9abaad6959d33fe10d19

  armel architecture (ARM Architecture):

    http://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea-6-jre-cacao_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5:   377802 d4439da20492eafbccb33e2fe979e8c9
    http://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea6-plugin_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5:    78338 7bdf93e00fd81dc82fd0d9a8b4e905c7
    http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-dbg_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5: 85497146 1512e0d6563dd5120729cf5b993c618c
    http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-demo_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5:  1545620 544c54891d44bdac534c81318a7f2bcb
    http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jdk_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5:  9140042 0a2d6ed937081800baeb6fc55326a754
    http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre-headless_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5: 30092886 4cc5ad7c54638278e55ee7d2acaab413
    http://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5:   266102 4278c2c06387cf883325356efda3c4d4
    http://ports.ubuntu.com/pool/universe/o/openjdk-6b18/openjdk-6-jre-zero_6b18-1.8.7-0ubuntu2.1_armel.deb
      Size/MD5:  1959296 6becfb4d5a2ecbe7aee622b84df57f12


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20110317/fab229ff/attachment.sig>


More information about the ubuntu-security-announce mailing list