First published: Thu Oct 14 2010
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit.

This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the "Oracle Java SE and Java for Business Critical Patch Update Advisory" page, listed in the References section. (CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574)

The RHSA-2010:0337 update mitigated a man-in-the-middle attack in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation by disabling renegotiation. This update implements the TLS Renegotiation Indication Extension as defined in RFC 5746, allowing secure renegotiation between updated clients and servers. (CVE-2009-3555)

Users of java-1.6.0-sun should upgrade to these updated packages, which correct these issues. All running instances of Sun Java must be restarted for the update to take effect.