USN-1079-2: OpenJDK 6 vulnerabilities

15 March 2011

OpenJDK 6 Vulnerabilities (armel packages only)




USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel (ARM)
architectures. This update provides the corresponding updates for
OpenJDK 6 for use with the armel (ARM) architectures.

In order to build the armel (ARM) OpenJDK 6 update for Ubuntu 10.04
LTS, it was necessary to rebuild binutils and gcj-4.4 from Ubuntu
10.04 LTS updates.

Original advisory details:

It was discovered that untrusted Java applets could create domain
name resolution cache entries, allowing an attacker to manipulate
name resolution within the JVM. (CVE-2010-4448)

It was discovered that the Java launcher did not did not properly
setup the LD_LIBRARY_PATH environment variable. A local attacker
could exploit this to execute arbitrary code as the user invoking
the program. (CVE-2010-4450)

It was discovered that within the Swing library, forged timer events
could allow bypass of SecurityManager checks. This could allow an
attacker to access restricted resources. (CVE-2010-4465)

It was discovered that certain bytecode combinations confused memory
management within the HotSpot JVM. This could allow an attacker to
cause a denial of service through an application crash or possibly
inject code. (CVE-2010-4469)

It was discovered that the way JAXP components were handled
allowed them to be manipulated by untrusted applets. An attacker
could use this to bypass XML processing restrictions and elevate
privileges. (CVE-2010-4470)

It was discovered that the Java2D subcomponent, when processing broken
CFF fonts could leak system properties. (CVE-2010-4471)

It was discovered that a flaw in the XML Digital Signature
component could allow an attacker to cause untrusted code to
replace the XML Digital Signature Transform or C14N algorithm
implementations. (CVE-2010-4472)

Konstantin Preisser and others discovered that specific double literals
were improperly handled, allowing a remote attacker to cause a denial
of service. (CVE-2010-4476)

It was discovered that the JNLPClassLoader class when handling multiple
signatures allowed remote attackers to gain privileges due to the
assignment of an inappropriate security descriptor. (CVE-2011-0706)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.10
Ubuntu 10.04

After a standard system update you need to restart any Java services,
applications or applets to make all the necessary changes.

Related notices

  • USN-1079-3: icedtea6-plugin, openjdk-6-jre, openjdk-6-jre-headless, openjdk-6b18
  • USN-1079-1: openjdk-6-jre-lib, openjdk-6, openjdk-6-jre, icedtea6-plugin, openjdk-6-jre-headless