Moritz Muehlenhoff
2009-Nov-26 21:09 UTC
[Secure-testing-team] Bug#558173: Update 17 fixes several security issues
Package: sun-java6
Severity: grave
Tags: security

Update 17 fixes a lot of security issues:

CVE-2009-3728 Directory traversal vulnerability in the ICC_Profile.getInstance ...
CVE-2009-3729 Unspecified vulnerability in the TrueType font parsing functionality ...
CVE-2009-3865 The launch method in the Deployment Toolkit plugin in Java Runtime ...
CVE-2009-3866 The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before ...
CVE-2009-3867 Stack-based buffer overflow in the HsbParser.getSoundBank function in ...
CVE-2009-3868 Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before ...
CVE-2009-3869 Stack-based buffer overflow in the setDiffICM function in the Abstract ...
CVE-2009-3871 Heap-based buffer overflow in the setBytePixels function in the ...
CVE-2009-3872 Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in ...
CVE-2009-3873 The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update ...
CVE-2009-3874 Integer overflow in the JPEGImageReader implementation in the ImageI/O ...
CVE-2009-3875 The MessageDigest.isEqual function in Java Runtime Environment (JRE) ...
CVE-2009-3876 Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before ...
CVE-2009-3879 Multiple unspecified vulnerabilities in the (1) X11 and (2) ...
CVE-2009-3880 The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in ...
CVE-2009-3881 Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, ...
CVE-2009-3882 Multiple unspecified vulnerabilities in the Swing implementation in ...
CVE-2009-3884 The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 ...
CVE-2009-3886 The Java Web Start implementation in Sun Java SE 6 before Update 17 ...

Details can be found in the Debian Security Tracker.
Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.31-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash