Package: openjdk-6 Version: 6_6b17~pre3-1 Severity: serious Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for openjdk-6. It is very likely that they are all fixed; however, this needs to be manually verified. Please check and reply in-line with the fixed package version for each issue. Thank you.
CVE-2009-1093[0]: | LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java | Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and | earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier | does not close the connection when initialization fails, which allows | remote attackers to cause a denial of service (LDAP service hang). CVE-2009-1094[1]: | Unspecified vulnerability in the LDAP implementation in Java SE | Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 | and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and | earlier; and 1.4.2_19 and earlier allows remote LDAP servers to | execute arbitrary code via unknown vectors related to serialized data. CVE-2009-1095[2]: | Integer overflow in unpack200 in Java SE Development Kit (JDK) and | Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update | 12 and earlier, allows remote attackers to access files or execute | arbitrary code via a JAR file with crafted Pack200 headers. CVE-2009-1096[3]: | Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java | Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 | and earlier, allows remote attackers to access files or execute | arbitrary code via a JAR file with crafted Pack200 headers. CVE-2009-1097[4]: | Multiple buffer overflows in Java SE Development Kit (JDK) and Java | Runtime Environment (JRE) 6 Update 12 and earlier allow remote | attackers to access files or execute arbitrary code via (1) a crafted | PNG image that triggers an integer overflow during memory allocation | for display on the splash screen, aka CR 6804996; and (2) a crafted | GIF image from which unspecified values are used in calculation of | offsets, leading to object-pointer corruption, aka CR 6804997. CVE-2009-1098[5]: | Buffer overflow in Java SE Development Kit (JDK) and Java Runtime | Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; | 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers | to access files or execute arbitrary code via a crafted GIF image, aka | CR 6804998. CVE-2009-1099[6]: | Integer signedness error in Java SE Development Kit (JDK) and Java | Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 | and earlier, allows remote attackers to access files or execute | arbitrary code via crafted glyph descriptions in a Type1 font, which | bypasses a signed comparison and triggers a buffer overflow. CVE-2009-1101[7]: | Unspecified vulnerability in the lightweight HTTP server | implementation in Java SE Development Kit (JDK) and Java Runtime | Environment (JRE) 6 Update 12 and earlier allows remote attackers to | cause a denial of service (probably resource consumption) for a JAX-WS | service endpoint via a connection without any data, which triggers a | file descriptor "leak." CVE-2009-1102[8]: | Unspecified vulnerability in the Virtual Machine in Java SE | Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 | and earlier allows remote attackers to access files and execute | arbitrary code via unknown vectors related to "code generation." CVE-2009-1103[9]: | Unspecified vulnerability in the Java Plug-in in Java SE Development | Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and | earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 | and earlier allows remote attackers to access files and execute | arbitrary code via unknown vectors related to "deserializing applets," | aka CR 6646860. CVE-2009-1104[10]: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime | Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; | and 1.4.2_19 and earlier does not prevent Javascript that is loaded | from the localhost from connecting to other ports on the system, which | allows user-assisted attackers to bypass intended access restrictions | via LiveConnect, aka CR 6724331. NOTE: this vulnerability can be | leveraged with separate cross-site scripting (XSS) vulnerabilities for | remote attack vectors. CVE-2009-1105[11]: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime | Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote | attackers to cause a trusted applet to run in an older JRE version, | which can be used to exploit vulnerabilities in that older version, | aka CR 6706490. CVE-2009-1106[12]: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime | Environment (JRE) 6 Update 12, 11, and 10 does not properly parse | crossdomain.xml files, which allows remote attackers to bypass | intended access restrictions and connect to arbitrary sites via | unknown vectors, aka CR 6798948. CVE-2009-1107[13]: | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime | Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and | earlier, allows remote attackers to trick a user into trusting a | signed applet via unknown vectors that misrepresent the security | warning dialog, related to a "Swing JLabel HTML parsing | vulnerability," aka CR 6782871. CVE-2009-2675[14]: | Integer overflow in the unpack200 utility in Sun Java Runtime | Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE | 5.0 before Update 20, allows context-dependent attackers to gain | privileges via unspecified length fields in the header of a | Pack200-compressed JAR file, which leads to a heap-based buffer | overflow during decompression. CVE-2009-2676[15]: | Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE | for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE | 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE | 1.4.2_21 and earlier; allows remote attackers to create or modify | arbitrary files via vectors involving an untrusted Java applet that | accesses an old version of JNLPAppletLauncher. CVE-2009-2788[16]: | Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow | remote attackers to execute arbitrary SQL commands via the (1) | adminName parameter to cp/auth.php, (2) cid parameter to artcat.php, | and (3) catid parameter to show.php. CVE-2009-2789[17]: | SQL injection vulnerability in the Permis (com_groups) component 1.0 | for Joomla! allows remote attackers to execute arbitrary SQL commands | via the id parameter in a list action to index.php. NOTE: the | provenance of this information is unknown; the details are obtained | solely from third party information. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 http://security-tracker.debian.org/tracker/CVE-2009-1093 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 http://security-tracker.debian.org/tracker/CVE-2009-1094 [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 http://security-tracker.debian.org/tracker/CVE-2009-1095 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 http://security-tracker.debian.org/tracker/CVE-2009-1096 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 http://security-tracker.debian.org/tracker/CVE-2009-1097 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 http://security-tracker.debian.org/tracker/CVE-2009-1098 [6] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 http://security-tracker.debian.org/tracker/CVE-2009-1099 [7] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 http://security-tracker.debian.org/tracker/CVE-2009-1101 [8] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 http://security-tracker.debian.org/tracker/CVE-2009-1102 [9] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 http://security-tracker.debian.org/tracker/CVE-2009-1103 [10] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 http://security-tracker.debian.org/tracker/CVE-2009-1104 [11] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1105 http://security-tracker.debian.org/tracker/CVE-2009-1105 [12] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1106 http://security-tracker.debian.org/tracker/CVE-2009-1106 [13] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 http://security-tracker.debian.org/tracker/CVE-2009-1107 [14] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2675 http://security-tracker.debian.org/tracker/CVE-2009-2675 [15] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2676 http://security-tracker.debian.org/tracker/CVE-2009-2676 [16] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2788 http://security-tracker.debian.org/tracker/CVE-2009-2788 [17] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2789 http://security-tracker.debian.org/tracker/CVE-2009-2789 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
