ID de Prueba:	1.3.6.1.4.1.25623.1.0.123269
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-1636)
Resumen:	The remote host is missing an update for the 'java-1.8.0-openjdk' package(s) announced via the ELSA-2014-1636 advisory.
Descripción:	Summary: The remote host is missing an update for the 'java-1.8.0-openjdk' package(s) announced via the ELSA-2014-1636 advisory. Vulnerability Insight: [1:1.8.0.25-1.b17] - Update to October CPU patch update. - Resolves: RHBZ#1148896 [1:1.8.0.20-3.b26] - fixed headless (policytool moved to normal) - jre/bin/policytool added to not headless exclude list - updated aarch694 source - ppc64le synced from fedora - Resolves: rhbz#1081073 [1:1.8.0.20-2.b26] - forcing build by itself (jdk8 by jdk8) - Resolves: rhbz#1081073 [1:1.8.0.20-1.b26] - updated to u20-b26 - adapted patch9999 enableArm64.patch - adapted patch100 s390-java-opts.patch - adapted patch102 size_t.patch - removed upstreamed patch 0001-PPC64LE-arch-support-in-openjdk-1.8.patch - adapted system-lcms.patch - removed patch8 set-active-window.patch - removed patch9 javadoc-error-jdk-8029145.patch - removed patch10 javadoc-error-jdk-8037484.patch - removed patch99 applet-hole.patch - itw 1.5.1 is able to ive without it - Resolves: rhbz#1081073 [1:1.8.0.11-19.b12] - fixed desktop icons - Icon set to java-1.8.0 - Development removed from policy tool - Resolves: rhbz#1081073 [1:1.8.0.11-18.b12] - fixed jstack - Resolves: rhbz#1081073 [1:1.8.0.11-15.b12] - fixed provides/obsolates - Resolves: rhbz#1081073 [1:1.8.0.11-14.b12] - mayor rework of specfile - sync with f21 - accessibility kept removed - lua script kept unsync - priority and epoch kept on 0 - not included disable-doclint patch - kept bundled lcms - unused OrderWithRequires - used with-stdcpplib instead of with-stdc++lib - Resolves: rhbz#1081073 [1:1.8.0.11-4.b13] - Added security patches - Resolves: rhbz#1081073 [1:1.8.0.5-6.b13] - Removed accessibility package - removed patch3 java-atk-wrapper-security.patch - removed its files and declaration - removed creation of libatk-wrapper.so and java-atk-wrapper.jar symlinks - removed generation of accessibility.properties - Resolves: rhbz#1113078 [1:1.8.0.5-5.b13] - priority lowered to 00000 - Resolves: rhbz#1081073 [1:1.8.0.5-4.b13] - Initial import from fedora - Used bundled lcms2 - added java-1.8.0-openjdk-disable-system-lcms.patch - --with-lcms changed to bundled - removed build requirement - excluded removal of lcms from remove-intree-libraries.sh - removed --with-extra-cflags='-fno-devirtualize' and --with-extra-cxxflags='-fn o-devirtualize'--- - added patch998, rhel6-built.patch to - fool autotools - replace all ++ chars in autoconfig files by pp - --with-stdc++lib=dynamic replaced by --with-stdcpplib=dynamic - Bumped release - Set epoch to 0 - removed patch6, disable-doclint-by-default.patch - Resolves: rhbz#1081073 Affected Software/OS: 'java-1.8.0-openjdk' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6457 BugTraq ID: 70538 http://www.securityfocus.com/bid/70538 Debian Security Information: DSA-3077 (Google Search) http://www.debian.org/security/2014/dsa-3077 Debian Security Information: DSA-3080 (Google Search) http://www.debian.org/security/2014/dsa-3080 http://security.gentoo.org/glsa/glsa-201502-12.xml HPdes Security Advisory: HPSBUX03218 http://marc.info/?l=bugtraq&m=141775382904016&w=2 HPdes Security Advisory: SSRT101770 RedHat Security Advisories: RHSA-2014:1620 http://rhn.redhat.com/errata/RHSA-2014-1620.html RedHat Security Advisories: RHSA-2014:1633 http://rhn.redhat.com/errata/RHSA-2014-1633.html RedHat Security Advisories: RHSA-2014:1634 http://rhn.redhat.com/errata/RHSA-2014-1634.html RedHat Security Advisories: RHSA-2014:1636 http://rhn.redhat.com/errata/RHSA-2014-1636.html RedHat Security Advisories: RHSA-2014:1657 http://rhn.redhat.com/errata/RHSA-2014-1657.html RedHat Security Advisories: RHSA-2014:1658 http://rhn.redhat.com/errata/RHSA-2014-1658.html RedHat Security Advisories: RHSA-2014:1876 http://rhn.redhat.com/errata/RHSA-2014-1876.html RedHat Security Advisories: RHSA-2014:1877 http://rhn.redhat.com/errata/RHSA-2014-1877.html RedHat Security Advisories: RHSA-2014:1880 http://rhn.redhat.com/errata/RHSA-2014-1880.html RedHat Security Advisories: RHSA-2014:1881 http://rhn.redhat.com/errata/RHSA-2014-1881.html RedHat Security Advisories: RHSA-2014:1882 http://rhn.redhat.com/errata/RHSA-2014-1882.html RedHat Security Advisories: RHSA-2015:0264 http://rhn.redhat.com/errata/RHSA-2015-0264.html http://secunia.com/advisories/60414 http://secunia.com/advisories/60416 http://secunia.com/advisories/60417 http://secunia.com/advisories/61018 http://secunia.com/advisories/61020 http://secunia.com/advisories/61143 http://secunia.com/advisories/61163 http://secunia.com/advisories/61164 http://secunia.com/advisories/61346 http://secunia.com/advisories/61609 http://secunia.com/advisories/61629 http://secunia.com/advisories/61631 http://secunia.com/advisories/61635 http://secunia.com/advisories/61928 SuSE Security Announcement: SUSE-SU-2014:1422 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html SuSE Security Announcement: SUSE-SU-2014:1526 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html SuSE Security Announcement: SUSE-SU-2014:1549 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html SuSE Security Announcement: SUSE-SU-2015:0344 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html SuSE Security Announcement: SUSE-SU-2015:0345 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html SuSE Security Announcement: SUSE-SU-2015:0376 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html SuSE Security Announcement: SUSE-SU-2015:0392 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html http://www.ubuntu.com/usn/USN-2386-1 http://www.ubuntu.com/usn/USN-2388-1 http://www.ubuntu.com/usn/USN-2388-2 Common Vulnerability Exposure (CVE) ID: CVE-2014-6468 BugTraq ID: 70488 http://www.securityfocus.com/bid/70488 Common Vulnerability Exposure (CVE) ID: CVE-2014-6502 BugTraq ID: 70533 http://www.securityfocus.com/bid/70533 Common Vulnerability Exposure (CVE) ID: CVE-2014-6504 BugTraq ID: 70564 http://www.securityfocus.com/bid/70564 Common Vulnerability Exposure (CVE) ID: CVE-2014-6506 BugTraq ID: 70556 http://www.securityfocus.com/bid/70556 Common Vulnerability Exposure (CVE) ID: CVE-2014-6511 BugTraq ID: 70548 http://www.securityfocus.com/bid/70548 Common Vulnerability Exposure (CVE) ID: CVE-2014-6512 BugTraq ID: 70567 http://www.securityfocus.com/bid/70567 Common Vulnerability Exposure (CVE) ID: CVE-2014-6517 BugTraq ID: 70552 http://www.securityfocus.com/bid/70552 Common Vulnerability Exposure (CVE) ID: CVE-2014-6519 BugTraq ID: 70570 http://www.securityfocus.com/bid/70570 Common Vulnerability Exposure (CVE) ID: CVE-2014-6531 BugTraq ID: 70572 http://www.securityfocus.com/bid/70572 Common Vulnerability Exposure (CVE) ID: CVE-2014-6558 BugTraq ID: 70544 http://www.securityfocus.com/bid/70544 Common Vulnerability Exposure (CVE) ID: CVE-2014-6562 BugTraq ID: 70523 http://www.securityfocus.com/bid/70523
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.