JAVA update (does this apply to Linux)?

[rokytnji]

************************************************** *****

QUOTE
TITLE:
Sun Java JDK / JRE Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA31010

VERIFY ADVISORY:
Sun Java JDK / JRE Multiple Vulnerabilities - Advisories - Secunia

CRITICAL:
Highly critical

IMPACT:
Security Bypass, Exposure of system information, Exposure of
sensitive information, DoS, System access

WHERE:
>From remote

SOFTWARE:
Sun Java JRE 1.6.x / 6.x
Sun Java JRE 1.6.x / 6.x - Vulnerability Report - Secunia
Sun Java JDK 1.6.x
Sun Java JDK 1.6.x - Vulnerability Report - Secunia
Sun Java SDK 1.4.x
Sun Java SDK 1.4.x - Vulnerability Report - Secunia
Sun Java JRE 1.4.x
Sun Java JRE 1.4.x - Vulnerability Report - Secunia
Sun Java JRE 1.5.x / 5.x
Sun Java JRE 1.5.x / 5.x - Vulnerability Report - Secunia
Sun Java JRE 1.3.x
Sun Java JRE 1.3.x - Vulnerability Report - Secunia
Sun Java SDK 1.3.x
Sun Java SDK 1.3.x - Vulnerability Report - Secunia
Sun Java JDK 1.5.x
Sun Java JDK 1.5.x - Vulnerability Report - Secunia
Java Web Start 1.x
Java Web Start 1.x - Vulnerability Report - Secunia
Java Web Start 5.x
Java Web Start 5.x - Vulnerability Report - Secunia
Java Web Start 6.x
Java Web Start 6.x - Vulnerability Report - Secunia

DESCRIPTION:
Some vulnerabilities have been reported in Sun Java, which can be
exploited by malicious people to bypass certain security
restrictions, disclose system information or potentially sensitive
information, cause a DoS (Denial of Service), or compromise a
vulnerable system.

1) An error in the Java Runtime Environment Virtual Machine can be
exploited by a malicious, untrusted applet to read and write local
files and execute local applications.

2) An error in the Java Management Extensions (JMX) management agent
can be exploited by a JMX client to perform certain unauthorized
operations on a system running JMX with local monitoring enabled.

3) Two errors within the scripting language support in the Java
Runtime Environment can be exploited by malicious, untrusted applets
to access information from another applet, read and write local
files, and execute local applications.

4) Boundary errors in Java Web Start can be exploited by an untrusted
Java Web Start applications to cause buffer overflows.

5) Three errors in Java Web Start can be exploited by an untrusted
Java Web Start applications to create or delete arbitrary files with
the privileges of the user running the untrusted Java Web Start
application, or to determine the location of the Java Web Start
cache.

6) An error in the implementation of Secure Static Versioning allows
applets to run on an older release of JRE.

7) Errors in the Java Runtime Environment can be exploited by an
untrusted applet to bypass the same origin policy and establish
socket connections to certain services running on the local host.

An error in the Java Runtime Environment when processing certain
XML data can be exploited to allow unauthorized access to certain URL
resources or cause a DoS.

Successful exploitation requires the JAX-WS client or service in a
trusted application to process the malicious XML data.

9) An error in the Java Runtime Environment when processing certain
XML data can be exploited by an untrusted applet or application to
gain unauthorized access to certain URL resources.

10) A boundary error when processing fonts in the Java Runtime
Environment can be exploited to cause a buffer overflow.

Please see the vendor advisories for details on affected products and
versions.

SOLUTION:
Update to the fixed version.

JDK and JRE 6 Update 7:
Java SE Downloads

JDK and JRE 5.0 Update 16:
Java SE Downloads - Previous Release - JDK 5

SDK and JRE 1.4.2_18:
Download Java 2 Platform, Standard Edition, v 1.4.2 (J2SE)

SDK and JRE 1.3.1_23 (for customers with Solaris 8 and Vintage
Support Offering support contracts):
Java 2 SDK, Standard Edition, v 1.3.1_23 (J2SE)


--------------------