Description: | The Oracle Java 7 release includes the Oracle Java 7 Runtime Environment and the Oracle Java 7 Software Development Kit.
This update fixes several vulnerabilities in the Oracle Java 7 Runtime Environment and the Oracle Java 7 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Security Alert page, listed in the References section. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136, CVE-2012-0547)
Red Hat is aware that a public exploit for CVE-2012-4681 is available that executes code without user interaction when a user visits a malicious web page using a browser with the Oracle Java 7 web browser plug-in enabled.
All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 7 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
|