OpenJDK 6 Vulnerabilities Fixed in Ubuntu 12.04 LTS

Ubuntu 11.10 and Ubuntu 10.04 LTS Linux distributions were also affected by this issue

By on March 6th, 2013 14:34 GMT

On March 6, Canonical published details about OpenJDK 6 vulnerabilities, in a security notice, for its Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.

According to Canonical, OpenJDK could be made to crash or run programs as you login if it opened a specially crafted file.

For example, it was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash.

Users can simply fix the security flaws by upgrading the operating systems to the icedtea-6-jre-cacao, icedtea-6-jre-jamvm, openjdk-6-jre, openjdk-6-jre-headless, openjdk-6-jre-zero, and openjdk-6-jre-lib specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. After a standard system update, you need to restart any applications using OpenJDK, such as your browser.

Comments