Bug 829358 (CVE-2012-1717)

Summary: CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606)
Product: [Other] Security Response Reporter: Stefan Cornelius <scorneli>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: ahughes, aph, dbhole, jrusnack, jvanek, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-10-03 15:39:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 828749, 828750, 828751, 828752, 828753, 828754, 828755, 828756, 828757, 828758, 828759, 828760, 854269, 854270, 854274, 854276, 854279, 854280, 854284, 854285, 854290, 854291, 854297, 854299, 854300, 854301, 856471, 856472, 856473    
Bug Blocks: 824458    

Description Stefan Cornelius 2012-06-06 14:37:07 UTC 
Various classes in the Java Runtime standard library created temporary files with insecure permissions.  Depending on the current umask setting, temporary files could have been created with permissions allowing access by other group members or all system users.  Local attackers could use this flaw to gain access to possibly sensitive content of the temporary files.
Comment 1 Tomas Hoger 2012-06-12 20:23:22 UTC 
Public now via:
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

Fixed in Oracle Java 7 Update 5 and 6 Update 33.
Comment 2 Tomas Hoger 2012-06-13 08:50:29 UTC 
The fix for this issue is or will be included in the following IcedTea versions:

* IcedTea6 1.10.8 
* IcedTea6 1.11.3
* IcedTea7 2.1.1
* IcedTea7 2.2.1

IcedTea6 releases announcement:

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html
http://blog.fuseyism.com/index.php/2012/06/12/security-icedtea6-1-10-8-1-11-3-released/

Patch:
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/6e6d7783aabb/patches/security/20120612/7143606.patch
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.1/jdk/rev/98a24555076b
Comment 3 errata-xmlrpc 2012-06-13 13:10:03 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2012:0730 https://rhn.redhat.com/errata/RHSA-2012-0730.html
Comment 4 errata-xmlrpc 2012-06-13 13:10:28 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:0729 https://rhn.redhat.com/errata/RHSA-2012-0729.html
Comment 5 errata-xmlrpc 2012-06-13 20:02:26 UTC 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 6
  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2012:0734 https://rhn.redhat.com/errata/RHSA-2012-0734.html
Comment 6 Tomas Hoger 2012-06-14 08:02:07 UTC 
According to Secunia SA49472, this is the issue for which Andrei Costin is credited in Oracle CPU:

  http://secunia.com/advisories/49472

  14) An error in the printing functionality due to creating temporary spool
  files with insecure permissions can be exploited to disclose the contents
  of printed documents owned by other users.

  ...

  Provided and/or discovered by
  14) Andrei Costin via Secunia.
Comment 7 Tomas Hoger 2012-06-15 12:01:32 UTC 
IcedTea7 releases announcement:

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019094.html
http://blog.fuseyism.com/index.php/2012/06/13/security-icedtea-2-1-1-2-2-1-released/
Comment 8 errata-xmlrpc 2012-06-20 15:15:07 UTC 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2012:1019 https://rhn.redhat.com/errata/RHSA-2012-1019.html
Comment 9 errata-xmlrpc 2012-06-20 15:15:48 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2012:1009 https://rhn.redhat.com/errata/RHSA-2012-1009.html
Comment 16 errata-xmlrpc 2012-09-06 16:15:06 UTC 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2012:1238 https://rhn.redhat.com/errata/RHSA-2012-1238.html
Comment 17 errata-xmlrpc 2012-09-07 12:50:16 UTC 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2012:1243 https://rhn.redhat.com/errata/RHSA-2012-1243.html
Comment 18 errata-xmlrpc 2012-09-07 13:00:39 UTC 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 6
  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2012:1245 https://rhn.redhat.com/errata/RHSA-2012-1245.html
Comment 19 errata-xmlrpc 2012-09-18 22:52:48 UTC 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2012:1289 https://rhn.redhat.com/errata/RHSA-2012-1289.html
Comment 20 errata-xmlrpc 2012-10-03 15:20:29 UTC 
This issue has been addressed in following products:

  RHEL 5 for SAP
  RHEL 6 for SAP

Via RHSA-2012:1332 https://rhn.redhat.com/errata/RHSA-2012-1332.html
Comment 21 errata-xmlrpc 2013-10-23 16:30:49 UTC 
This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.5

Via RHSA-2013:1456 https://rhn.redhat.com/errata/RHSA-2013-1456.html
Comment 22 errata-xmlrpc 2013-10-23 17:04:54 UTC 
This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.4

Via RHSA-2013:1455 https://rhn.redhat.com/errata/RHSA-2013-1455.html