It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information.
Fixed now in Oracle JDK 7u9 and 6u37. External Reference: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
Fix included in IcedTea6 versions 1.10.10 and 1.11.5: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020556.html http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/d9564350faa6/patches/security/20121016/7167656.patch
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:1386 https://rhn.redhat.com/errata/RHSA-2012-1386.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2012:1385 https://rhn.redhat.com/errata/RHSA-2012-1385.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:1384 https://rhn.redhat.com/errata/RHSA-2012-1384.html
Fix included in IcedTea7 versions 2.1.3, 2.2.3 and 2.3.3: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020571.html http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/ec46ad0afaa2
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2012:1391 https://rhn.redhat.com/errata/RHSA-2012-1391.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2012:1392 https://rhn.redhat.com/errata/RHSA-2012-1392.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2012:1467 https://rhn.redhat.com/errata/RHSA-2012-1467.html