Security: Denial of Service in java-1.7.0-openjdk
Name: Denial of Service in java-1.7.0-openjdk
ID: FEDORA-2014-8183
Distribution: Fedora
Platforms: Fedora 20
Date: Sat, 26 July 2014, 08:58
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970
Applications: OpenJDK

Original message
Name        : java-1.7.0-openjdk
Product     : Fedora 20
Version     : 1.7.0.65
Release     : 2.5.1.3.fc20
URL         : http://openjdk.java.net/
Summary     : OpenJDK Runtime Environment
Description : The OpenJDK runtime environment.

--------------------------------------------------------------------------------
Update Information:

Rebase current post-4.0 snapshot to 5.0 release, see also:
http://www.freedesktop.org/wiki/Software/PulseAudio/Notes/5.0/

This update restores compatibility with pulseaudio upstream ABI, and includes rebuilds of affected fedora packages.

--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 17 2014 Rex Dieter <rdieter@fedoraproject.org> - 1.7.0.65-2.5.1.3
- rebuild (for pulseaudio, bug #1117683)

* Mon Jul 14 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.2
- added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch

* Mon Jul 7 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.65-2.5.1.1
- updated to security patched icedtea7-forest-2.5.1

* Wed Jul 2 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.60-2.5.0.3
- Added arrch64 support

* Tue Jul 1 2014 Andrew Hughes <gnu.andrew@redhat.com> - 1.7.0.60-2.5.0.2
- Add nss-softokn dependency for SunEC provider
- Add support for ppc64le
- Enable SunEC provider with system NSS support.
- Ensure java-1.7.0-openjdk is used to build, not 8
- Set INSTALL_LOCATION so it can be used in the rpath.

* Thu Jun 19 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.60-2.5.0.1.f20
- added and applied as reverted patch404 gtk3ToBeReverted.patch
- reverting controversial fix of show_bug.cgi?id=729

* Wed Jun 18 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.60-2.5.0.f20
- updated to icedtea7-forest 2.5.0
- removed icedtea_version_presuffix
- removed hardcoded 60
- removed upstreamed patch412 add-final-location-rpaths.patch
- removed upstreamed patch413 rh1064383-prelink_fix.patch

* Thu May 22 2014 Andrew Hughes <gnu.andrew@redhat.com - 1.7.0.51-2.4.7.4.fc20
- Fix jinfo behaviour when prelink cache is present
- Resolves: rhbz#1064383

* Thu May 22 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.7.3.fc20
- debug turned off (0)
- python added to line /builddir/build/SOURCES/remove-origin-from-rpaths $files to preven access denied
- added build requires for python

* Thu May 22 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.7.2.fc20
- bumped release
- changed buildoutputdir to contains "-debug" in case of debug on
- rewritten (long unmaintained) java-1.7.0-openjdk-debugdocs.patch and java-1.7.0-openjdk-debuginfo.patch
- debug turned on (1)

* Tue Apr 22 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.55-2.4.7.1.fc20
- Added Omair's fix for RH1059925
- added and used Source14, remove-origin-from-rpaths
- added and applied patch412 add-final-location-rpaths.patch
- added build requires chrpath
- adde INSTALL_LOCATION=_jvmdir/sdkdir to make swithces
- added missing OrderWithRequires (sync with master)
- removed rhino requires (sync with master)
- added libattr-devel build requires (sync with master)
- added conditional chmod on sa-jdi.jar (sync with master)
- added comment to fiels about lua (sync with master)
- added few more owned dirs (sync with master)

* Mon Apr 7 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.55-2.4.7.0.fc20
- Added check to lua according to already exisitng same jvm
- bumped to future icedtea-forest 2.4.7
- updatever set to 55, buildver se to 13, release reset to 0
- removed upstreamed patch402 gstackbounds.patch
- included config(norepalce) lua script

* Wed Mar 26 2014 Omair Majid <omajid@redhat.com> - 1.7.0.60-2.4.5.2.fc20
- Switch to a new tapset tarball without trailing space in file name

* Thu Jan 30 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.1.f20
- removed or cleaning alternatives remove in posts

* Thu Jan 30 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.5.0.f20
- removed buildRequires: pulseaudio >= 0.9.11, as not neccessary
- but kept libs-devel
- updated to icedtea 2.4.5
- http://blog.fuseyism.com/index.php/2014/01/29/icedtea-2-4-5-released/
- removed upstreamed or unwonted patches (thanx to gnu_andrew to pointing them out)
- patch410 1015432.patch (upstreamed)
- patch411 1029588.patch
- patch412 zero-x32.diff
- patch104 java-1.7.0-ppc-zero-jdk.patch
- patch105 java-1.7.0-ppc-zero-hotspot.patch
- patch402 gstackbounds.patch and patch403 PStack-808293.patch applied always (again thanx to gnu_andrew)
- merged other gnu_andrew's changes
- FT2_CFLAGS and FT2_LIBS hardoced values replaced by correct pkg-config calls
- buildver bumbed to 31
- added build requires nss-devel
- removed build requires mercurial
- added JRE_RELEASE_VERSION and ALT_PARALLEL_COMPILE_JOBS into make call

* Fri Jan 17 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.4.1.f20
- removed 2.3 tarball due to security issues
- this causes zero arm32 jit to not exists eny more (aprox 30% slowdown)
- removed declarations:
- global icedtea_version_arm32 2.3.13
- source100 openjdk-icedtea-%{icedtea_version_arm32}.tar.xz
- removed:
- patch30 java-1.7.0-openjdk-java-access-bridge-security-2.3.patch
- patch1000 rhino-2.3.patch
- patch4020 gstackbounds-2.3.patch
- patch4110 1029588-2.3.patch
- patch302 systemtap.patch
- patch401 657854-openjdk7.patch
- with all follwing ifarch arm calls
- patch410 and TestCryptoLevel are now used always
- US_export_policy.jar and local_policy.jar are now listed always
- make:
- always used DISABLE_INTREE_EC, UNLIMITED_CRYPTO
- removed arm32 specific DISTRO_PACKAGE_VERSION JDK_UPDATE_VERSION JDK_BUILD_NUMBER
- added patch412 zero-x32.diff to try to fix zero builds build

* Fri Jan 10 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.51-2.4.4.0.f20
- updated to security icedtea 2.4.4
- and arm tarball updated to security icedtea 2.3.13
- icedtea_version set to 2.4.4
- updatever bumped to 51
- release reset to 0

* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.4.f19
- added and applied patch411 1029588.patch (for 2.4)
- added and applied patch4110 1029588-2.3.patch (for 2.3)
- resolves rhbz#1029588

* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.3.f19
- added and applied for icedtea 2.4 patch410, 1015432.patch
- resolves rhbz#1015432

* Mon Jan 6 2014 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.2.f20
- changed Provides: jre-headless = 1.7.0 to Provides: jre-headless = 1:1.7.0
- resolves rhbz#1046050

* Fri Oct 18 2013 Jiri Vanek <jvanek@redhat.com> - 1.7.0.40-2.4.3.1.f20
- arm tarball updated to new CPU sources 2.3.13
- removed upstreamed patch 501 callerclass-01.patch
- removed upstreamed patch 502 callerclass-02.patch
- removed upstreamed patch 503 callerclass-02.patch
- removed upstreamed patch 504 callerclass-02.patch

--------------------------------------------------------------------------------
References:
  [ 1 ] Bug #1104835 - CVE-2014-3970 pulseaudio: denial of service in module-rtp-recv
        https://bugzilla.redhat.com/show_bug.cgi?id=1104835

--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update java-1.7.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys

--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce