Test ID:	1.3.6.1.4.1.25623.1.0.123269
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2014-1636)
Summary:	The remote host is missing an update for the 'java-1.8.0-openjdk' package(s) announced via the ELSA-2014-1636 advisory.
Description:	Summary: The remote host is missing an update for the 'java-1.8.0-openjdk' package(s) announced via the ELSA-2014-1636 advisory. Vulnerability Insight: [1:1.8.0.25-1.b17] - Update to October CPU patch update. - Resolves: RHBZ#1148896 [1:1.8.0.20-3.b26] - fixed headless (policytool moved to normal) - jre/bin/policytool added to not headless exclude list - updated aarch694 source - ppc64le synced from fedora - Resolves: rhbz#1081073 [1:1.8.0.20-2.b26] - forcing build by itself (jdk8 by jdk8) - Resolves: rhbz#1081073 [1:1.8.0.20-1.b26] - updated to u20-b26 - adapted patch9999 enableArm64.patch - adapted patch100 s390-java-opts.patch - adapted patch102 size_t.patch - removed upstreamed patch 0001-PPC64LE-arch-support-in-openjdk-1.8.patch - adapted system-lcms.patch - removed patch8 set-active-window.patch - removed patch9 javadoc-error-jdk-8029145.patch - removed patch10 javadoc-error-jdk-8037484.patch - removed patch99 applet-hole.patch - itw 1.5.1 is able to ive without it - Resolves: rhbz#1081073 [1:1.8.0.11-19.b12] - fixed desktop icons - Icon set to java-1.8.0 - Development removed from policy tool - Resolves: rhbz#1081073 [1:1.8.0.11-18.b12] - fixed jstack - Resolves: rhbz#1081073 [1:1.8.0.11-15.b12] - fixed provides/obsolates - Resolves: rhbz#1081073 [1:1.8.0.11-14.b12] - mayor rework of specfile - sync with f21 - accessibility kept removed - lua script kept unsync - priority and epoch kept on 0 - not included disable-doclint patch - kept bundled lcms - unused OrderWithRequires - used with-stdcpplib instead of with-stdc++lib - Resolves: rhbz#1081073 [1:1.8.0.11-4.b13] - Added security patches - Resolves: rhbz#1081073 [1:1.8.0.5-6.b13] - Removed accessibility package - removed patch3 java-atk-wrapper-security.patch - removed its files and declaration - removed creation of libatk-wrapper.so and java-atk-wrapper.jar symlinks - removed generation of accessibility.properties - Resolves: rhbz#1113078 [1:1.8.0.5-5.b13] - priority lowered to 00000 - Resolves: rhbz#1081073 [1:1.8.0.5-4.b13] - Initial import from fedora - Used bundled lcms2 - added java-1.8.0-openjdk-disable-system-lcms.patch - --with-lcms changed to bundled - removed build requirement - excluded removal of lcms from remove-intree-libraries.sh - removed --with-extra-cflags='-fno-devirtualize' and --with-extra-cxxflags='-fn o-devirtualize'--- - added patch998, rhel6-built.patch to - fool autotools - replace all ++ chars in autoconfig files by pp - --with-stdc++lib=dynamic replaced by --with-stdcpplib=dynamic - Bumped release - Set epoch to 0 - removed patch6, disable-doclint-by-default.patch - Resolves: rhbz#1081073 Affected Software/OS: 'java-1.8.0-openjdk' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6457 BugTraq ID: 70538 http://www.securityfocus.com/bid/70538 Debian Security Information: DSA-3077 (Google Search) http://www.debian.org/security/2014/dsa-3077 Debian Security Information: DSA-3080 (Google Search) http://www.debian.org/security/2014/dsa-3080 http://security.gentoo.org/glsa/glsa-201502-12.xml HPdes Security Advisory: HPSBUX03218 http://marc.info/?l=bugtraq&m=141775382904016&w=2 HPdes Security Advisory: SSRT101770 RedHat Security Advisories: RHSA-2014:1620 http://rhn.redhat.com/errata/RHSA-2014-1620.html RedHat Security Advisories: RHSA-2014:1633 http://rhn.redhat.com/errata/RHSA-2014-1633.html RedHat Security Advisories: RHSA-2014:1634 http://rhn.redhat.com/errata/RHSA-2014-1634.html RedHat Security Advisories: RHSA-2014:1636 http://rhn.redhat.com/errata/RHSA-2014-1636.html RedHat Security Advisories: RHSA-2014:1657 http://rhn.redhat.com/errata/RHSA-2014-1657.html RedHat Security Advisories: RHSA-2014:1658 http://rhn.redhat.com/errata/RHSA-2014-1658.html RedHat Security Advisories: RHSA-2014:1876 http://rhn.redhat.com/errata/RHSA-2014-1876.html RedHat Security Advisories: RHSA-2014:1877 http://rhn.redhat.com/errata/RHSA-2014-1877.html RedHat Security Advisories: RHSA-2014:1880 http://rhn.redhat.com/errata/RHSA-2014-1880.html RedHat Security Advisories: RHSA-2014:1881 http://rhn.redhat.com/errata/RHSA-2014-1881.html RedHat Security Advisories: RHSA-2014:1882 http://rhn.redhat.com/errata/RHSA-2014-1882.html RedHat Security Advisories: RHSA-2015:0264 http://rhn.redhat.com/errata/RHSA-2015-0264.html http://secunia.com/advisories/60414 http://secunia.com/advisories/60416 http://secunia.com/advisories/60417 http://secunia.com/advisories/61018 http://secunia.com/advisories/61020 http://secunia.com/advisories/61143 http://secunia.com/advisories/61163 http://secunia.com/advisories/61164 http://secunia.com/advisories/61346 http://secunia.com/advisories/61609 http://secunia.com/advisories/61629 http://secunia.com/advisories/61631 http://secunia.com/advisories/61635 http://secunia.com/advisories/61928 SuSE Security Announcement: SUSE-SU-2014:1422 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html SuSE Security Announcement: SUSE-SU-2014:1526 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html SuSE Security Announcement: SUSE-SU-2014:1549 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html SuSE Security Announcement: SUSE-SU-2015:0344 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html SuSE Security Announcement: SUSE-SU-2015:0345 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html SuSE Security Announcement: SUSE-SU-2015:0376 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html SuSE Security Announcement: SUSE-SU-2015:0392 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html http://www.ubuntu.com/usn/USN-2386-1 http://www.ubuntu.com/usn/USN-2388-1 http://www.ubuntu.com/usn/USN-2388-2 Common Vulnerability Exposure (CVE) ID: CVE-2014-6468 BugTraq ID: 70488 http://www.securityfocus.com/bid/70488 Common Vulnerability Exposure (CVE) ID: CVE-2014-6502 BugTraq ID: 70533 http://www.securityfocus.com/bid/70533 Common Vulnerability Exposure (CVE) ID: CVE-2014-6504 BugTraq ID: 70564 http://www.securityfocus.com/bid/70564 Common Vulnerability Exposure (CVE) ID: CVE-2014-6506 BugTraq ID: 70556 http://www.securityfocus.com/bid/70556 Common Vulnerability Exposure (CVE) ID: CVE-2014-6511 BugTraq ID: 70548 http://www.securityfocus.com/bid/70548 Common Vulnerability Exposure (CVE) ID: CVE-2014-6512 BugTraq ID: 70567 http://www.securityfocus.com/bid/70567 Common Vulnerability Exposure (CVE) ID: CVE-2014-6517 BugTraq ID: 70552 http://www.securityfocus.com/bid/70552 Common Vulnerability Exposure (CVE) ID: CVE-2014-6519 BugTraq ID: 70570 http://www.securityfocus.com/bid/70570 Common Vulnerability Exposure (CVE) ID: CVE-2014-6531 BugTraq ID: 70572 http://www.securityfocus.com/bid/70572 Common Vulnerability Exposure (CVE) ID: CVE-2014-6558 BugTraq ID: 70544 http://www.securityfocus.com/bid/70544 Common Vulnerability Exposure (CVE) ID: CVE-2014-6562 BugTraq ID: 70523 http://www.securityfocus.com/bid/70523
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.