Bug 767959 - latest update break rmi
Summary: latest update break rmi
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: java-1.6.0-openjdk
Version: 6.1
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: jiri vanek
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On: 751203
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-12-15 11:25 UTC by RHEL Program Management
Modified: 2012-01-09 14:15 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Previously, a remote RMI client could execute code on the RMI server with unrestricted privileges. This security issue in the Java Remote Method Invocation (RMI) registry implementation was fixed by the RHSA-2011-1380 security advisory. However, the security restrictions applied by the advisory were too strict and caused the RMI registry to stop working correctly. This update adjusts the RMI registry so it now works as expected.
Clone Of:
Environment:
Last Closed: 2011-12-21 12:36:12 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1847 0 normal SHIPPED_LIVE java-1.6.0-openjdk bug fix update 2011-12-21 17:34:57 UTC

Description RHEL Program Management 2011-12-15 11:25:31 UTC 
This bug has been copied from bug #751203 and has been proposed
to be backported to 6.2 z-stream (EUS).
Comment 5 jiri vanek 2011-12-19 09:46:00 UTC 
https://brewweb.devel.redhat.com/buildinfo?buildID=193158
Comment 7 Levente Farkas 2011-12-19 11:36:54 UTC 
as i'm the reporter and debugger of the problem, may i access to this build?
Comment 9 Omair Majid 2011-12-19 16:49:15 UTC 
Hi Levente,

(In reply to comment #7)
> as i'm the reporter and debugger of the problem, may i access to this build?

I have copied the rpms from 
https://brewweb.devel.redhat.com/buildinfo?buildID=193158
to the publicly available location at:
http://omajid.fedorapeople.org/java-1.6.0-openjdk/rmi-fix-rhn/
Comment 10 Levente Farkas 2011-12-19 17:01:19 UTC 
wget http://omajid.fedorapeople.org/java-1.6.0-openjdk/rmi-fix-rhn/java-1.6.0-openjdk-1.6.0.0-1.42.1.10.4.el6_2.x86_64.rpm
--2011-12-19 18:00:39--  http://omajid.fedorapeople.org/java-1.6.0-openjdk/rmi-fix-rhn/java-1.6.0-openjdk-1.6.0.0-1.42.1.10.4.el6_2.x86_64.rpm
Resolving omajid.fedorapeople.org... 85.236.55.7
Connecting to omajid.fedorapeople.org|85.236.55.7|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2011-12-19 18:00:39 ERROR 403: Forbidden.
Comment 11 Omair Majid 2011-12-19 17:33:51 UTC 
It was a problem with permissions. It should work now. Sorry about that.
Comment 12 Miroslav Svoboda 2011-12-21 10:23:40 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Previously, a remote RMI client could execute code on the RMI server with unrestricted privileges. This security issue in the Java Remote Method Invocation (RMI) registry implementation was fixed by the RHSA-2011-1380 security advisory. However, the security restrictions applied by the advisory were too strict and caused the RMI registry to stop working correctly. This update adjusts the RMI registry so it now works as expected.
Comment 17 errata-xmlrpc 2011-12-21 12:36:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1847.html
Note You need to log in before you can comment on or make changes to this bug.