Bug 1151517 (CVE-2014-6511)
Summary: | CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | caolanm, dbhole, denis.arnaud_fedora, erack, jvanek, omajid, sbaiduzh, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-01-21 16:17:02 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 957599, 1148726 |
Description
Tomas Hoger
2014-10-10 15:15:09 UTC
Public now via Oracle Critical Patch Update - October 2014. Fixed in Oracle Java SE 5.0u75, 6u85, 7u71, and 8u25. External References: http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2014:1633 https://rhn.redhat.com/errata/RHSA-2014-1633.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2014:1620 https://rhn.redhat.com/errata/RHSA-2014-1620.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 5 Via RHSA-2014:1634 https://rhn.redhat.com/errata/RHSA-2014-1634.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2014:1636 https://rhn.redhat.com/errata/RHSA-2014-1636.html This issue was fixed in IcedTea6 1.13.5 and IcedTea7 2.5.3: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-October/029884.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-October/029889.html Upstream OpenJDK commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/0dbdb47a2658 This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 5 Via RHSA-2014:1658 https://rhn.redhat.com/errata/RHSA-2014-1658.html This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 5 Via RHSA-2014:1657 https://rhn.redhat.com/errata/RHSA-2014-1657.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1877 https://rhn.redhat.com/errata/RHSA-2014-1877.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2014:1876 https://rhn.redhat.com/errata/RHSA-2014-1876.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1882 https://rhn.redhat.com/errata/RHSA-2014-1882.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Supplementary for Red Hat Enterprise Linux 7 Via RHSA-2014:1880 https://rhn.redhat.com/errata/RHSA-2014-1880.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2014:1881 https://rhn.redhat.com/errata/RHSA-2014-1881.html This issue has been addressed in the following products: Red Hat Satellite Server v 5.6 Via RHSA-2015:0264 https://rhn.redhat.com/errata/RHSA-2015-0264.html |