New Search

ELSA-2014-0675 -- java-1.7.0-openjdk security update (critical)

oval:org.mitre.oval:def:27331

[1.7.0.55-2.4.7.2.0.1.el7_0] - Update DISTRO_NAME in specfile [1.7.0.55-2.4.7.2] - Remove NSS patches. Issues with PKCS11 provider mean it shouldn't be enabled. - Always setup nss.cfg and depend on nss-devel at build-time to do so. - This allows users who wish to use PKCS11+NSS to just add it to java.security. - Patches to PKCS11 provider will be included upstream in 2.4.8 (ETA July 2014) - Resolves: rhbz#1099565 [1.7.0.55-2.4.7.0.el7] - bumped to future icedtea-forest 2.4.7 - updatever set to 55 buildver se to 13 release reset to 0 - removed upstreamed patch402 gstackbounds.patch - removed Requires: rhino BuildRequires is enough - ppc64 repalced by power64 macro - patch111 applied as dry-run (6.6 forward port) - nss enabled but notused as default (6.6 forward port) - Resolves: rhbz#1099565

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 7
Class:
patch
Reference(s):
  • ELSA-2014-0675
  • CVE-2014-0454
  • CVE-2014-0455
  • CVE-2014-0456
  • CVE-2014-0457
  • CVE-2014-0458
  • CVE-2014-0459
  • CVE-2014-0460
  • CVE-2014-0461
  • CVE-2014-1876
  • CVE-2014-2397
  • CVE-2014-2398
  • CVE-2014-2402
  • CVE-2014-2403
  • CVE-2014-2412
  • CVE-2014-2413
  • CVE-2014-2414
  • CVE-2014-2421
  • CVE-2014-2423
  • CVE-2014-2427
  • CVE-2014-0429
  • CVE-2014-0446
  • CVE-2014-0451
  • CVE-2014-0452
  • CVE-2014-0453
Product(s):
  • java-1.7.0-openjdk