[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-

updates at fedoraproject.org updates at fedoraproject.org
Mon Sep 3 22:53:20 UTC 2012

Fedora Update Notification
2012-09-01 23:47:21

Name        : java-1.7.0-openjdk
Product     : Fedora 17
Version     :
Release     : 2.3.1.fc17.2
URL         : http://openjdk.java.net/
Summary     : OpenJDK Runtime Environment
Description :
The OpenJDK runtime environment.

Update Information:

This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE.

It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681)


* Thu Aug 30 2012 jiri Vanek <jvanek at redhat.com> -
- Sync with rawhide
- Updated to IcedTea-Forest 2.3.1
- Resolves rhbz#RH852051, CVE-2012-4681: Reintroduce PackageAccessible checks 
  removed in 6788531.
- Commented out Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch as
  as already included in this Iced-Tea.
- Will be nice to verify after next upstream sync if it is still upstreamed
- Add symlink to Fedora's default soundfont rhbz#541466
* Wed Aug 22 2012 Jiri Vanek <jvanek at redhat.com> -
* Mon Aug 20 2012 jiri Vanek <jvanek at redhat.com> -
- Updated to latest IcedTea7-forest-2.3
- Current build is u6
- Added Patch500, java-1.7.0-openjdk-removing_jvisualvm_man.patch to remove 
  jvisualvm manpages from processing
* Mon Jul  9 2012 Deepak Bhole <dbhole at redhat.com> -
- Added support to build older (2.1.1/u3/hs22) version on non-jit (secondary)
* Wed Jun 13 2012 jiri Vanek <jvanek at redhat.com> -
- Fixed broken provides sections
* Mon Jun 11 2012 jiri Vanek <jvanek at redhat.com> -
- Used newly prepared tarball with security fixes
- Bump to icedtea7-forest-2.2.1
- _mandir/man1/jcmd-name.1 added to alternatives
- Updated rhino.patch
- Modified partially upstreamed patch302 - systemtap.patch
- Temporarly disabled patch102 - java-1.7.0-openjdk-size_t.patch
- Removed already upstreamed patches 104,107,108,301
  - java-1.7.0-openjdk-arm-ftbfs.patch
  - java-1.7.0-openjdk-system-zlib.patch
  - java-1.7.0-openjdk-remove-mimpure-opt.patch
  - systemtap-alloc-size-workaround.patch
- patch 105 (java-1.7.0-openjdk-ppc-zero-jdk.patch) have become 104
- patch 106 (java-1.7.0-openjdk-ppc-zero-hotspot.patch) have become 105
- Added build requires zip, which was untill now  dependence  of dependence
- Access gnome brridge jar forced to be 644
* Fri May 25 2012 Deepak Bhole <dbhole at redhat.com> -
- Miscellaneous fixes brought in from RHEL branch
- Resolves: rhbz#825255: Added ALT_STRIP_POLICY so that debug info is not stripped

This update can be installed with the "yum" update program.  Use 
su -c 'yum update java-1.7.0-openjdk' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list