Your submission was sent successfully! Close

You have successfully unsubscribed! Close

USN-1553-1: OpenJDK 6 vulnerabilities

3 September 2012

Two security issues were fixed in OpenJDK 6.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

  • openjdk-6 - Open Source Java implementation

Details

It was discovered that the Beans component in OpenJDK 6 did not
properly prevent access to restricted classes. A remote attacker could
use this to create an untrusted Java applet or application that would
bypass Java sandbox restrictions. (CVE-2012-1682)

It was discovered that functionality in the AWT component in OpenJDK 6
made it easier for a remote attacker, in conjunction with other
vulnerabilities, to bypass Java sandbox restrictions. (CVE-2012-0547)

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro