Users of Red Hat Enterprise Linux Extras please be advised of a Critical java-1.4.2-ibm security update that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
RHSA-2010:0786-01: [RHSA-2010:0786-01] Critical: java-1.4.2-ibm security update
Product: Red Hat Enterprise Linux Extras
Description:
The IBM 1.4.2 SR13-FP6 Java release includes the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit.
This update fixes several vulnerabilities in the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit. These
vulnerabilities are summarized on the IBM "Security alerts" page listed in
the References section.
The RHSA-2010:0155 update mitigated a man-in-the-middle attack in the way
the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols
handle session renegotiation by disabling renegotiation. This update
implements the TLS Renegotiation Indication Extension as defined in RFC
5746, allowing secure renegotiation between updated clients and servers.
Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/drg1
No comments:
Post a Comment