RHSA-2013:0666 - Security Advisory

Topic

Updates to the java-1.6.0-sun packages that disable the Java Web Browser
Plug-in and Web Start included in these packages. As a result, customers
who rely on Java-based browser applets may need to re-configure their
browser to use one of the Java implementations listed in the Solution
section below.

Description

Oracle Java SE version 6 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.

Oracle Java SE 6 will not receive updates after February 28, 2013. The
Oracle Java SE 6 packages on the Red Hat Enterprise Linux 5 and 6
Supplementary media and in Red Hat Network (RHN) channels will continue to
be available.

Red Hat will continue to provide these packages only as a courtesy to
customers. Red Hat will not provide updates to these packages after this
date.

Once customers update their system by installing the packages associated
with this advisory, the Oracle Java Web Plug-in will be disabled. As a
result, customers who rely on Java-based browser applets may need to
re-configure their browser to use one of the Java implementations listed
in the Solution section below.

All users of java-1.6.0-sun are advised to upgrade to these updated
packages.

Solution

Red Hat recommends that customers using Oracle Java SE 6 choose one of the
following alternative Java implementations:

• OpenJDK 6, which is available and supported in Red Hat Enterprise

Linux 5 and 6.

• IBM's Java SE 6, which is available on the Red Hat Enterprise Linux 5

and 6 Supplementary media and Supplementary RHN channels through
September 2017.

• OpenJDK 7, which is available and supported in Red Hat Enterprise

Linux 5 and 6.

• IBM's Java SE 7, which is available on the Red Hat Enterprise Linux 5

and 6 Supplementary media and Supplementary RHN channels.

• Oracle Java SE 7, which is available today on the Red Hat Enterprise

Linux 5 and 6 Supplementary media and Supplementary RHN channels.

Please refer to Red Hat Knowledge solution 314713 for information on how
to install and configure any of these Java implementations. This solution
also describes how customers who rely on Java-based browser applets can
re-configure their Java Web Plug-in.

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.4 i386
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.9 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.9 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for Scientific Computing 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - AUS 6.4 x86_64
• Red Hat Enterprise Linux Server - AUS 5.9 x86_64
• Red Hat Enterprise Linux Server - AUS 5.9 i386
• Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 i386
• Red Hat Enterprise Linux Server - Extended Update Support from RHUI 5.9 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support from RHUI 5.9 i386

Fixes

CVEs

(none)

References

• https://access.redhat.com/security/updates/classification/#low
• http://www.ibm.com/developerworks/java/jdk/lifecycle/index.html
• https://access.redhat.com/knowledge/solutions/314713