Red Hat Enterprise Linux Extras: Critical java-1.4.2-ibm security update

Users of Red Hat Enterprise Linux Extras please be advised of a Critical java-1.4.2-ibm security update that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

RHSA-2010:0786-01: [RHSA-2010:0786-01] Critical: java-1.4.2-ibm security update
Product: Red Hat Enterprise Linux Extras
Description:

The IBM 1.4.2 SR13-FP6 Java release includes the IBM Java 2 Runtime

Environment and the IBM Java 2 Software Development Kit.

This update fixes several vulnerabilities in the IBM Java 2 Runtime

Environment and the IBM Java 2 Software Development Kit. These

vulnerabilities are summarized on the IBM “Security alerts” page listed in

the References section.

The RHSA-2010:0155 update mitigated a man-in-the-middle attack in the way

the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols

handle session renegotiation by disabling renegotiation. This update

implements the TLS Renegotiation Indication Extension as defined in RFC

5746, allowing secure renegotiation between updated clients and servers.





Read more at http://www.criticalwatch.com

 

Advertisements