USN-1505-1: OpenJDK 6 vulnerabilities

Ubuntu Security Notice USN-1505-1

12th July, 2012

icedtea-web, openjdk-6 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in OpenJDK 6.

Software description

  • icedtea-web - A web browser plugin to execute Java applets
  • openjdk-6 - Open Source Java implementation

Details

It was discovered that multiple flaws existed in the CORBA (Common
Object Request Broker Architecture) implementation in OpenJDK. An
attacker could create a Java application or applet that used these
flaws to bypass Java sandbox restrictions or modify immutable object
data. (CVE-2012-1711, CVE-2012-1719)

It was discovered that multiple flaws existed in the OpenJDK font
manager's layout lookup implementation. A attacker could specially
craft a font file that could cause a denial of service through
crashing the JVM (Java Virtual Machine) or possibly execute arbitrary
code. (CVE-2012-1713)

It was discovered that the SynthLookAndFeel class from Swing in
OpenJDK did not properly prevent access to certain UI elements
from outside the current application context. An attacker could
create a Java application or applet that used this flaw to cause a
denial of service through crashing the JVM or bypass Java sandbox
restrictions. (CVE-2012-1716)

It was discovered that OpenJDK runtime library classes could create
temporary files with insecure permissions. A local attacker could
use this to gain access to sensitive information. (CVE-2012-1717)

It was discovered that OpenJDK did not handle CRLs (Certificate
Revocation Lists) properly. A remote attacker could use this to gain
access to sensitive information. (CVE-2012-1718)

It was discovered that the OpenJDK HotSpot Virtual Machine did not
properly verify the bytecode of the class to be executed. A remote
attacker could create a Java application or applet that used this
to cause a denial of service through crashing the JVM or bypass Java
sandbox restrictions. (CVE-2012-1723, CVE-2012-1725)

It was discovered that the OpenJDK XML (Extensible Markup Language)
parser did not properly handle some XML documents. An attacker could
create an XML document that caused a denial of service in a Java
application or applet parsing the document. (CVE-2012-1724)

As part of this update, the IcedTea web browser applet plugin was
updated for Ubuntu 10.04 LTS, Ubuntu 11.04, and Ubuntu 11.10.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 12.04 LTS:
openjdk-6-jre 6b24-1.11.3-1ubuntu0.12.04.1
Ubuntu 11.10:
icedtea-6-plugin 1.2-2ubuntu0.11.10.1
openjdk-6-jre 6b24-1.11.3-1ubuntu0.11.10.1
Ubuntu 11.04:
icedtea-6-plugin 1.2-2ubuntu0.11.04.1
openjdk-6-jre 6b24-1.11.3-1ubuntu0.11.04.1
Ubuntu 10.04 LTS:
icedtea-6-plugin 1.2-2ubuntu0.10.04.1
openjdk-6-jre 6b24-1.11.3-1ubuntu0.10.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to restart any
Java applications or applets to make all the necessary changes.

References

CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725