lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1UPrro-0001d8-SP@titan.mandriva.com>
Date: Wed, 10 Apr 2013 12:03:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2013:095 ] java-1.7.0-openjdk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2013:095
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : java-1.7.0-openjdk
 Date    : April 10, 2013
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated java-1.7.0-openjdk packages fix security vulnerabilities:
 
 Two improper permission check issues were discovered in the reflection
 API in OpenJDK. An untrusted Java application or applet could use
 these flaws to bypass Java sandbox restrictions (CVE-2012-3174,
 CVE-2013-0422).
 
 Multiple improper permission check issues were discovered in the AWT,
 CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted
 Java application or applet could use these flaws to bypass Java
 sandbox restrictions (CVE-2013-0442, CVE-2013-0445, CVE-2013-0441,
 CVE-2013-1475, CVE-2013-1476, CVE-2013-0429, CVE-2013-0450,
 CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0444).
 
 Multiple flaws were found in the way image parsers in the 2D and AWT
 components handled image raster parameters. A specially-crafted image
 could cause Java Virtual Machine memory corruption and, possibly,
 lead to arbitrary code execution with the virtual machine privileges
 (CVE-2013-1478, CVE-2013-1480).
 
 A flaw was found in the AWT component&#039;s clipboard handling code. An
 untrusted Java application or applet could use this flaw to access
 clipboard data, bypassing Java sandbox restrictions (CVE-2013-0432).
 
 The default Java security properties configuration did not restrict
 access to certain com.sun.xml.internal packages. An untrusted Java
 application or applet could use this flaw to access information,
 bypassing certain Java sandbox restrictions. This update lists the
 whole package as restricted (CVE-2013-0435).
 
 Multiple improper permission check issues were discovered in the
 JMX, Libraries, Networking, and JAXP components. An untrusted Java
 application or applet could use these flaws to bypass certain Java
 sandbox restrictions (CVE-2013-0431, CVE-2013-0427, CVE-2013-0433,
 CVE-2013-0434).
 
 It was discovered that the RMI component&#039;s CGIHandler class used
 user inputs in error messages without any sanitization. An attacker
 could use this flaw to perform a cross-site scripting (XSS) attack
 (CVE-2013-0424).
 
 It was discovered that the SSL/TLS implementation in the JSSE component
 did not properly enforce handshake message ordering, allowing an
 unlimited number of handshake restarts. A remote attacker could use
 this flaw to make an SSL/TLS server using JSSE consume an excessive
 amount of CPU by continuously restarting the handshake (CVE-2013-0440).
 
 It was discovered that the JSSE component did not properly validate
 Diffie-Hellman public keys. An SSL/TLS client could possibly use this
 flaw to perform a small subgroup attack (CVE-2013-0443).
 
 Multiple improper permission check issues were discovered in the JMX
 and Libraries components in OpenJDK. An untrusted Java application
 or applet could use these flaws to bypass Java sandbox restrictions
 (CVE-2013-1486, CVE-2013-1484).
 
 An improper permission check issue was discovered in the Libraries
 component in OpenJDK. An untrusted Java application or applet could use
 this flaw to bypass certain Java sandbox restrictions (CVE-2013-1485).
 
 It was discovered that OpenJDK leaked timing information when
 decrypting TLS/SSL protocol encrypted records when CBC-mode cipher
 suites were used. A remote attacker could possibly use this flaw to
 retrieve plain text from the encrypted packets by using a TLS/SSL
 server as a padding oracle (CVE-2013-0169).
 
 An integer overflow flaw was found in the way the 2D component
 handled certain sample model instances. A specially-crafted sample
 model instance could cause Java Virtual Machine memory corruption
 and, possibly, lead to arbitrary code execution with virtual machine
 privileges (CVE-2013-0809).
 
 It was discovered that the 2D component did not properly reject certain
 malformed images. Specially-crafted raster parameters could cause Java
 Virtual Machine memory corruption and, possibly, lead to arbitrary
 code execution with virtual machine privileges (CVE-2013-1493).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3174
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0422
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0424
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0425
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0426
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0427
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0428
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0429
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0431
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0432
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0433
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0434
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0435
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0440
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0441
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0442
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0443
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0444
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0445
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0450
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0809
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1475
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1476
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1478
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1480
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1484
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1485
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1486
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1493
 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018
 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084
 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0088
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:
 b951d387ee818e0b204cb1a239ac2ae1  mbs1/x86_64/java-1.7.0-openjdk-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm
 00676ff0eefe12d69e0b93ee4f9ac8c4  mbs1/x86_64/java-1.7.0-openjdk-demo-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm
 3733ddb46d4ba9fe639d90271c1113c3  mbs1/x86_64/java-1.7.0-openjdk-devel-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm
 1d47fd14d7fe3a20d81c5cf808e75fe6  mbs1/x86_64/java-1.7.0-openjdk-javadoc-1.7.0.6-2.3.8.1.1.mbs1.noarch.rpm
 baab88a94f04c3c3f0fc322fe2562c9b  mbs1/x86_64/java-1.7.0-openjdk-src-1.7.0.6-2.3.8.1.1.mbs1.x86_64.rpm 
 d019dda16506ffb609ae8ce66a7cda7c  mbs1/SRPMS/java-1.7.0-openjdk-1.7.0.6-2.3.8.1.1.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRZQ6mmqjQ0CJFipgRArrgAKCPZMbOA1UtXaG4tQd9CKEggT1x/gCfYfXv
8XJUrvALufbbaHuyChk9zik=
=TGuI
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ