Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2013.0413
Low: Oracle Java SE 6 - notification of end of public updates
21 March 2013
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Oracle Java SE 6
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux WS/Desktop 6
Red Hat Enterprise Linux Server 5
Red Hat Enterprise Linux WS/Desktop 5
Impact/Access: Reduced Security -- Unknown/Unspecified
Resolution: Patch/Upgrade
Original Bulletin:
https://rhn.redhat.com/errata/RHSA-2013-0666.html
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Low: Oracle Java SE 6 - notification of end of public updates
Advisory ID: RHSA-2013:0666-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0666.html
Issue date: 2013-03-20
=====================================================================
1. Summary:
Updates to the java-1.6.0-sun packages that disable the Java Web Browser
Plug-in and Web Start included in these packages. As a result, customers
who rely on Java-based browser applets may need to re-configure their
browser to use one of the Java implementations listed in the Solution
section below.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
Oracle Java SE version 6 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.
Oracle Java SE 6 will not receive updates after February 28, 2013. The
Oracle Java SE 6 packages on the Red Hat Enterprise Linux 5 and 6
Supplementary media and in Red Hat Network (RHN) channels will continue to
be available.
Red Hat will continue to provide these packages only as a courtesy to
customers. Red Hat will not provide updates to these packages after this
date.
Once customers update their system by installing the packages associated
with this advisory, the Oracle Java Web Plug-in will be disabled. As a
result, customers who rely on Java-based browser applets may need to
re-configure their browser to use one of the Java implementations listed
in the Solution section below.
All users of java-1.6.0-sun are advised to upgrade to these updated
packages.
4. Solution:
Red Hat recommends that customers using Oracle Java SE 6 choose one of the
following alternative Java implementations:
* OpenJDK 6, which is available and supported in Red Hat Enterprise
Linux 5 and 6.
* IBM's Java SE 6, which is available on the Red Hat Enterprise Linux 5
and 6 Supplementary media and Supplementary RHN channels through
September 2017.
* OpenJDK 7, which is available and supported in Red Hat Enterprise
Linux 5 and 6.
* IBM's Java SE 7, which is available on the Red Hat Enterprise Linux 5
and 6 Supplementary media and Supplementary RHN channels.
* Oracle Java SE 7, which is available today on the Red Hat Enterprise
Linux 5 and 6 Supplementary media and Supplementary RHN channels.
Please refer to Red Hat Knowledge solution 314713 for information on how
to install and configure any of these Java implementations. This solution
also describes how customers who rely on Java-based browser applets can
re-configure their Java Web Plug-in.
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
5. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.3.el5_9.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
java-1.6.0-sun-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.3.el5_9.i586.rpm
x86_64:
java-1.6.0-sun-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.3.el5_9.i586.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.3.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.4.el6_4.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64:
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.4.el6_4.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.4.el6_4.i686.rpm
x86_64:
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-demo-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.i686.rpm
java-1.6.0-sun-devel-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-jdbc-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-plugin-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
java-1.6.0-sun-src-1.6.0.43-1jpp.4.el6_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
6. References:
https://access.redhat.com/security/updates/classification/#low
http://www.ibm.com/developerworks/java/jdk/lifecycle/index.html
https://access.redhat.com/knowledge/solutions/314713
7. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRSd59XlSAg2UNWIIRAq8CAJ0XrgtmV8UgLvjJSsTJi/ZlhT9yqQCgoKDU
es9FDe+AoZlufJcpmMlthLw=
=D0KK
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUUp/ju4yVqjM2NGpAQJFQA//TNOkC4MS4BVH4qKj4Q2PEbRZa4vYuJvL
/rk/73ZmorVJh9jXJCmFI62hLCvh13owfJaew/KVekSg2qo9o1Xk67g9offfvR07
CXbeImMF/T8vjhkful1usBDpRiPvyEi48BLU8KWkSK4xPwz7YrNsCZpZCG++3ii/
Dsbp5i477G/AI4/PowAr7ssRksYdl7oR50oYh/1DpgvP9p7gWEbibZOppbx8LBPF
rkNwmcaksZmOn5zD5avtAf2zBbjSIOqHvwBqoaaHV2FSlcFBa4IIWM+kmkCjkkxF
0aOx+ZB/df9xzQdlV52u5w5lU6vJCrl9Ak5ciXoiNFv5JsxAGJ99F8RpwOAT5gAo
ztwQMLXilE4ILT4OKKWbgKEhqVF60RkECaOQ6/qBdCyTQ13AhkGtj0x6JeDFz9f+
/affHfPG0LNvkDKrAsoUiWqURVoDmQkaK9IHsEKYlkCEIDu/TN9ZGWytP6SZSa0k
z4MP0oN8bd4TP1fLOGZu+nqEIHkG7uI4yC4U3x3riNdehqAvAAgFc/oarqlZd/H2
k57+0BabOk5LSWFZJyN4eC/d9y9amNE1AlmbgfMVpBH55GEunXSOY0Xx1ytw/yRg
IeOskZeOXU0XLsWHtgqKmt1eiL2OpHx7CkUuz5orCC1WwzlplRyf4Duagdq1GH9P
b3wn5Auss5w=
=ctlf
-----END PGP SIGNATURE-----