6 C
London
Wednesday, November 22, 2017
Home Tags HTTP Proxy

Tag: HTTP Proxy

Researchers say Necurs malware has been updated with a module that adds SOCKS/HTTP proxy and DDOS capabilities to this malware.
An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environmentand the OpenJDK 6 Java Software Development Kit.Security Fix(es):* It was discovered that the Hotspot component of OpenJDK did not properly checkarguments of the System.arraycopy() function in certain cases.

An untrusted Javaapplication or applet could use this flaw to corrupt virtual machine's memoryand completely bypass Java sandbox restrictions. (CVE-2016-5582)* It was discovered that the Hotspot component of OpenJDK did not properly checkreceived Java Debug Wire Protocol (JDWP) packets.

An attacker could possibly usethis flaw to send debugging commands to a Java program running with debuggingenabled if they could make victim's browser send HTTP requests to the JDWP portof the debugged application. (CVE-2016-5573)* It was discovered that the Libraries component of OpenJDK did not restrict theset of algorithms used for Jar integrity verification.

This flaw could allow anattacker to modify content of the Jar file that used weak signing key or hashalgorithm. (CVE-2016-5542)Note: After this update, MD2 hash algorithm and RSA keys with less than 1024bits are no longer allowed to be used for Jar integrity verification by default.MD5 hash algorithm is expected to be disabled by default in the future updates.A newly introduced security property jdk.jar.disabledAlgorithms can be used tocontrol the set of disabled algorithms.* A flaw was found in the way the JMX component of OpenJDK handled classloaders.An untrusted Java application or applet could use this flaw to bypass certainJava sandbox restrictions. (CVE-2016-5554)* A flaw was found in the way the Networking component of OpenJDK handled HTTPproxy authentication.

A Java application could possibly expose HTTPS serverauthentication credentials via a plain text network connection to an HTTP proxyif proxy asked for authentication. (CVE-2016-5597)Note: After this update, Basic HTTP proxy authentication can no longer be usedwhen tunneling HTTPS connection through an HTTP proxy. Newly introduced systemproperties jdk.http.auth.proxying.disabledSchemes andjdk.http.auth.tunneling.disabledSchemes can be used to control whichauthentication schemes can be requested by an HTTP proxy when proxying HTTP andHTTPS connections respectively. Red Hat Enterprise Linux (v. 5 server) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el5_11.src.rpm     MD5: 62b8da09e0380dbf693d1fa5b0d89e99SHA-256: ff98f4755038905f34b6fc78fc26c5ac6af11b42b341822d138e8852cdff4a93   IA-32: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 15eda9126b5acaa82324eddf7d9e10b6SHA-256: cbce9713450abece01723411e82770ddb5c56eb57fd6ca130fa2a8360f717804 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 6934010f17f03bee857bb53ffb7e0e50SHA-256: 29d0bea089a74b928a1e0ada85b581d40524708c6f89e6a92017c75fe8be1d2d java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 709323256fc17a526b99d482411b0eb5SHA-256: 310aee115201ed002da01f85ebb874e0918bccef9689bf4b5031f6087853da2b java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: ced0f2bb8978fef2a5c52cf4c129cf48SHA-256: a91d375cbcaf7dc67a5af4f89017ef4fa4059f0906af15fe2a7286db22a065ec java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: abfb6cf49e3d540a8fecbc0329532f3aSHA-256: 02d6365ef87d32ecdbee341177a6c1777edbeb0adbd67043fc22400efa67a556 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 78f93e3cb8cb58bb34ce54d1b752cd5dSHA-256: c76656d8ade38f6326693a64f4f08b4e815e444de9468572c9b7e0e214624172   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: b7037d5268e6cc57e015427c3f8f471fSHA-256: 3ddf81b6384c4ba97c13a8a4ac62c607b56b78abff5299ab0abff15dd2ce5e7a java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: 79c27da140914b62d833c29d3acb549fSHA-256: 795e8e8fb2638cc3b4124d60bb0ecc73311d703b4e0b950b2481f4852fd18f7c java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: a893795244cd5acbbc63770a75a791efSHA-256: 733d0b48b8b17deb92757e59bf1873b45e24b48f3b7333071e0676ba8177c257 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: f7f4ff5bf63db28da25940c550b0bc73SHA-256: ab3a4e7a020f45adb159a9ebda9d6a060053e2abb88eeb583fc4fd73822571ac java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: c0dc09e999a9b7a4e0bdbd4c45b19cf2SHA-256: 4353fe6b065adebb44171001b668da9a4c4152536d0bb769b440b7527f3799f5 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: 4194283d0f676fea5e5c2ad718592f15SHA-256: 5483c081a6056f7be73bff2bd1502fc047a93c6aa938dc0a22a4c1f4272230ce   Red Hat Enterprise Linux Desktop (v. 5 client) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el5_11.src.rpm     MD5: 62b8da09e0380dbf693d1fa5b0d89e99SHA-256: ff98f4755038905f34b6fc78fc26c5ac6af11b42b341822d138e8852cdff4a93   IA-32: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 15eda9126b5acaa82324eddf7d9e10b6SHA-256: cbce9713450abece01723411e82770ddb5c56eb57fd6ca130fa2a8360f717804 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 6934010f17f03bee857bb53ffb7e0e50SHA-256: 29d0bea089a74b928a1e0ada85b581d40524708c6f89e6a92017c75fe8be1d2d java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 709323256fc17a526b99d482411b0eb5SHA-256: 310aee115201ed002da01f85ebb874e0918bccef9689bf4b5031f6087853da2b java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: ced0f2bb8978fef2a5c52cf4c129cf48SHA-256: a91d375cbcaf7dc67a5af4f89017ef4fa4059f0906af15fe2a7286db22a065ec java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: abfb6cf49e3d540a8fecbc0329532f3aSHA-256: 02d6365ef87d32ecdbee341177a6c1777edbeb0adbd67043fc22400efa67a556 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el5_11.i386.rpm     MD5: 78f93e3cb8cb58bb34ce54d1b752cd5dSHA-256: c76656d8ade38f6326693a64f4f08b4e815e444de9468572c9b7e0e214624172   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: b7037d5268e6cc57e015427c3f8f471fSHA-256: 3ddf81b6384c4ba97c13a8a4ac62c607b56b78abff5299ab0abff15dd2ce5e7a java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: 79c27da140914b62d833c29d3acb549fSHA-256: 795e8e8fb2638cc3b4124d60bb0ecc73311d703b4e0b950b2481f4852fd18f7c java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: a893795244cd5acbbc63770a75a791efSHA-256: 733d0b48b8b17deb92757e59bf1873b45e24b48f3b7333071e0676ba8177c257 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: f7f4ff5bf63db28da25940c550b0bc73SHA-256: ab3a4e7a020f45adb159a9ebda9d6a060053e2abb88eeb583fc4fd73822571ac java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: c0dc09e999a9b7a4e0bdbd4c45b19cf2SHA-256: 4353fe6b065adebb44171001b668da9a4c4152536d0bb769b440b7527f3799f5 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el5_11.x86_64.rpm     MD5: 4194283d0f676fea5e5c2ad718592f15SHA-256: 5483c081a6056f7be73bff2bd1502fc047a93c6aa938dc0a22a4c1f4272230ce   Red Hat Enterprise Linux Desktop (v. 6) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.src.rpm     MD5: 41d0d17080a35fc8dd695acd0353517fSHA-256: f6cc610e3a388527667d6b38fd05c595816692b68391df374de0cd0527ed19e6   IA-32: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 148dd92c388bc30f7f4146d3fffdc762SHA-256: d0ded59db734b4b812259b239a5b420807910d361ef66f7921a1a54db6630bca java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: df4a83794169233a6985ab83fc1c658bSHA-256: a0ba65917c1f5027126a30a9e25e353d277af721e48fd5cd6da1f2e95ed71706 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 3828a1f1590c0a42bb697099f0c50deaSHA-256: a584b6fbb85f207f13d4fcad972ad4e6c2ff157a3ad6afdb28f0de050c2430de java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 13aec09a400c8c607481fec57b2101c1SHA-256: afd56586bc7f554cb48e033fb652d497872ff68d3fd8e855047e67637adc01e5 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 7860ca55e896ad5797627594fb832675SHA-256: 4bfab57b30a007033ff0aeb466a3612db0e86e345d833b412ceadba30dc8a959 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: ac9a1e126b68e35fabda0def19971d6cSHA-256: 78a29079ddecff31f675062cf725b72dc1770754bd0f48221d0d2c5204bc67d0   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: b770890f63756adca744c93b10b74024SHA-256: 9e6192d96c036365fa9a36ad252e1ed5e032d9eadff11b682b3c528d2cc154df java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: d590c54a7c4bd068fc1672421cfbf834SHA-256: ace6e2bfdd386a9d802e422a09f044858c2bc93d5697e2570c93ffda0636300c java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 9fae0a467a584fac72e7a8cd1f035ce7SHA-256: 98776ca2310a1bcafed2d34f60130506b98674329da2d79753e6ee76a97af8c9 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 214a2471cde0280d894fc9230401da97SHA-256: 9c0cc086ed1b8f666e5dbdc44a7f2bc6cbecc95d8ba5a0f7728da8234a6f1f85 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 56bcd6516ea415a12414b86e0d641d35SHA-256: e243ee580e782f06ba761f42d3a786d211893d49f204d90262abfbf31fbc52c0 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 7839c88b5e7c11241adedae9ab0b7010SHA-256: 68ec16118724f19526903cde0140c58247dc955412e42fc6d9ace4af7b93df10   Red Hat Enterprise Linux Desktop (v. 7) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.src.rpm     MD5: 977f0de972ef6cee2fc31033498f1809SHA-256: e0ad4861f4323a0f0b60f171289daf79b27e64328d2a82b976d5393fce777a3a   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: f8bc12b78d49b68ec53755c3cdb5b25eSHA-256: 941663708bc285be58825e24584b4643907e3f52046016a3192a673ab2c949e9 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 8667d7a3b8cdd8d129904c16daf1a223SHA-256: acda3dbc68c3a5130bbd101b354f65ca4963a3e30e15fbe3cdbbf6213011cfd4 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: eb3118360b8d1fd3a36cd591ab246c64SHA-256: 3e622c7f365647c8e765a5fafa43f0d018f5fdfb738eadaa33ada103f3c36b79 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 80b3e8839d006edd2c6c9a869e3defa4SHA-256: c64e1acfc669b74dc450603c04bfec50ad624632f0d9d6dfb95b45723e4c6cb6 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 52ce2e0d69df5cecf6715552c9705c44SHA-256: f4c025ce84fd5d55f385de25775cc66999a75c5c8f1f8d886e80bd1e4a391845 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 843114e9509c450dea97fb0e62d5e6cfSHA-256: f5056591ec127fc0f1263b193cdefd88e7d84e9a69258b3fa36a98ff454e46cb   Red Hat Enterprise Linux HPC Node (v. 6) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.src.rpm     MD5: 41d0d17080a35fc8dd695acd0353517fSHA-256: f6cc610e3a388527667d6b38fd05c595816692b68391df374de0cd0527ed19e6   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: b770890f63756adca744c93b10b74024SHA-256: 9e6192d96c036365fa9a36ad252e1ed5e032d9eadff11b682b3c528d2cc154df java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: d590c54a7c4bd068fc1672421cfbf834SHA-256: ace6e2bfdd386a9d802e422a09f044858c2bc93d5697e2570c93ffda0636300c java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 9fae0a467a584fac72e7a8cd1f035ce7SHA-256: 98776ca2310a1bcafed2d34f60130506b98674329da2d79753e6ee76a97af8c9 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 214a2471cde0280d894fc9230401da97SHA-256: 9c0cc086ed1b8f666e5dbdc44a7f2bc6cbecc95d8ba5a0f7728da8234a6f1f85 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 56bcd6516ea415a12414b86e0d641d35SHA-256: e243ee580e782f06ba761f42d3a786d211893d49f204d90262abfbf31fbc52c0 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 7839c88b5e7c11241adedae9ab0b7010SHA-256: 68ec16118724f19526903cde0140c58247dc955412e42fc6d9ace4af7b93df10   Red Hat Enterprise Linux HPC Node (v. 7) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.src.rpm     MD5: 977f0de972ef6cee2fc31033498f1809SHA-256: e0ad4861f4323a0f0b60f171289daf79b27e64328d2a82b976d5393fce777a3a   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: f8bc12b78d49b68ec53755c3cdb5b25eSHA-256: 941663708bc285be58825e24584b4643907e3f52046016a3192a673ab2c949e9 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 8667d7a3b8cdd8d129904c16daf1a223SHA-256: acda3dbc68c3a5130bbd101b354f65ca4963a3e30e15fbe3cdbbf6213011cfd4 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: eb3118360b8d1fd3a36cd591ab246c64SHA-256: 3e622c7f365647c8e765a5fafa43f0d018f5fdfb738eadaa33ada103f3c36b79 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 80b3e8839d006edd2c6c9a869e3defa4SHA-256: c64e1acfc669b74dc450603c04bfec50ad624632f0d9d6dfb95b45723e4c6cb6 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 52ce2e0d69df5cecf6715552c9705c44SHA-256: f4c025ce84fd5d55f385de25775cc66999a75c5c8f1f8d886e80bd1e4a391845 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 843114e9509c450dea97fb0e62d5e6cfSHA-256: f5056591ec127fc0f1263b193cdefd88e7d84e9a69258b3fa36a98ff454e46cb   Red Hat Enterprise Linux Server (v. 6) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.src.rpm     MD5: 41d0d17080a35fc8dd695acd0353517fSHA-256: f6cc610e3a388527667d6b38fd05c595816692b68391df374de0cd0527ed19e6   IA-32: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 148dd92c388bc30f7f4146d3fffdc762SHA-256: d0ded59db734b4b812259b239a5b420807910d361ef66f7921a1a54db6630bca java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: df4a83794169233a6985ab83fc1c658bSHA-256: a0ba65917c1f5027126a30a9e25e353d277af721e48fd5cd6da1f2e95ed71706 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 3828a1f1590c0a42bb697099f0c50deaSHA-256: a584b6fbb85f207f13d4fcad972ad4e6c2ff157a3ad6afdb28f0de050c2430de java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 13aec09a400c8c607481fec57b2101c1SHA-256: afd56586bc7f554cb48e033fb652d497872ff68d3fd8e855047e67637adc01e5 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 7860ca55e896ad5797627594fb832675SHA-256: 4bfab57b30a007033ff0aeb466a3612db0e86e345d833b412ceadba30dc8a959 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: ac9a1e126b68e35fabda0def19971d6cSHA-256: 78a29079ddecff31f675062cf725b72dc1770754bd0f48221d0d2c5204bc67d0   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: b770890f63756adca744c93b10b74024SHA-256: 9e6192d96c036365fa9a36ad252e1ed5e032d9eadff11b682b3c528d2cc154df java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: d590c54a7c4bd068fc1672421cfbf834SHA-256: ace6e2bfdd386a9d802e422a09f044858c2bc93d5697e2570c93ffda0636300c java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 9fae0a467a584fac72e7a8cd1f035ce7SHA-256: 98776ca2310a1bcafed2d34f60130506b98674329da2d79753e6ee76a97af8c9 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 214a2471cde0280d894fc9230401da97SHA-256: 9c0cc086ed1b8f666e5dbdc44a7f2bc6cbecc95d8ba5a0f7728da8234a6f1f85 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 56bcd6516ea415a12414b86e0d641d35SHA-256: e243ee580e782f06ba761f42d3a786d211893d49f204d90262abfbf31fbc52c0 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 7839c88b5e7c11241adedae9ab0b7010SHA-256: 68ec16118724f19526903cde0140c58247dc955412e42fc6d9ace4af7b93df10   Red Hat Enterprise Linux Server (v. 7) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.src.rpm     MD5: 977f0de972ef6cee2fc31033498f1809SHA-256: e0ad4861f4323a0f0b60f171289daf79b27e64328d2a82b976d5393fce777a3a   PPC: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.ppc64.rpm     MD5: c35195d0593a2e591ccb1572fdd940e4SHA-256: 845e7dcc75de51c4d1d030ae747e77d36273fb3ef97f337e2118c4be09d08be8 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el7_3.ppc64.rpm     MD5: a982de974e960c74552a60863ffb4360SHA-256: b5ea1aca60a978c250494ae551c1d956b0243d13eeefff21c7bf12962bc7998c java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el7_3.ppc64.rpm     MD5: beaee6c6c11d2a20e62cbdddf92d88c7SHA-256: 8e4a49042487d001f28b94ab59c1e7c25c3f477afccd58d8a17951e491d86da1 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el7_3.ppc64.rpm     MD5: 396b1cfc3c5b17e321552a5abe9a54e4SHA-256: 9ac6c9481d76c7c5bbf1ab2cfb72e78ddadec244a2bdf689cf8f0a00bb36c108 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el7_3.ppc64.rpm     MD5: 4936c495c76541dc0057b4799150be88SHA-256: 923a517df2b9b0b78e4262945bdce5d3400cecae8e2aef1dc2ffce03503c2d0f java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el7_3.ppc64.rpm     MD5: e3fb0108bdfffa48e0725519787ad174SHA-256: 5e9c8d924dd37c0e86b3e4186d47aaa9dd7a2d7e0ee7a706cd3531f7f92cae2b   s390x: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.s390x.rpm     MD5: daca04d82b9840499a56dad46101abf9SHA-256: 6c3a75fc57cdcacb9167c64d47ff40af9e7bc6a07bf105ceeb3ec28466868bfc java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el7_3.s390x.rpm     MD5: 0a13558f4cc5f44fc1038125343ca238SHA-256: 6b74bda56b96bffe3c321e1a251acd08d7277ca13446e9a8444d4fc1cc02479f java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el7_3.s390x.rpm     MD5: c7f58384a64bcd256979b53881003cf2SHA-256: 90af02f0fa8fb98da2b39980117618db8fe57b0eac3d125396c33ca60ece9956 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el7_3.s390x.rpm     MD5: c3048e901c961709159a6a62ad9b955fSHA-256: 1085cc26bab49a0b7a8fe310b5bd20ba056ca11eb53ee90d9fa8c8ddb6499df7 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el7_3.s390x.rpm     MD5: ededde72778d03d235767f7440f2efceSHA-256: 28414652ae5f469b4c2b458de06eae090fc7d723860cd0adf180ce89e2c0b68c java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el7_3.s390x.rpm     MD5: 6ecf08322d052f58f463442af821b6b9SHA-256: 8184a37e3c824468ca19a551f1b1e68000041adfbe14631de6744d21507bfbd9   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: f8bc12b78d49b68ec53755c3cdb5b25eSHA-256: 941663708bc285be58825e24584b4643907e3f52046016a3192a673ab2c949e9 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 8667d7a3b8cdd8d129904c16daf1a223SHA-256: acda3dbc68c3a5130bbd101b354f65ca4963a3e30e15fbe3cdbbf6213011cfd4 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: eb3118360b8d1fd3a36cd591ab246c64SHA-256: 3e622c7f365647c8e765a5fafa43f0d018f5fdfb738eadaa33ada103f3c36b79 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 80b3e8839d006edd2c6c9a869e3defa4SHA-256: c64e1acfc669b74dc450603c04bfec50ad624632f0d9d6dfb95b45723e4c6cb6 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 52ce2e0d69df5cecf6715552c9705c44SHA-256: f4c025ce84fd5d55f385de25775cc66999a75c5c8f1f8d886e80bd1e4a391845 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 843114e9509c450dea97fb0e62d5e6cfSHA-256: f5056591ec127fc0f1263b193cdefd88e7d84e9a69258b3fa36a98ff454e46cb   Red Hat Enterprise Linux Server TUS (v. 7.3) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.src.rpm     MD5: 977f0de972ef6cee2fc31033498f1809SHA-256: e0ad4861f4323a0f0b60f171289daf79b27e64328d2a82b976d5393fce777a3a   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: f8bc12b78d49b68ec53755c3cdb5b25eSHA-256: 941663708bc285be58825e24584b4643907e3f52046016a3192a673ab2c949e9 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 8667d7a3b8cdd8d129904c16daf1a223SHA-256: acda3dbc68c3a5130bbd101b354f65ca4963a3e30e15fbe3cdbbf6213011cfd4 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: eb3118360b8d1fd3a36cd591ab246c64SHA-256: 3e622c7f365647c8e765a5fafa43f0d018f5fdfb738eadaa33ada103f3c36b79 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 80b3e8839d006edd2c6c9a869e3defa4SHA-256: c64e1acfc669b74dc450603c04bfec50ad624632f0d9d6dfb95b45723e4c6cb6 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 52ce2e0d69df5cecf6715552c9705c44SHA-256: f4c025ce84fd5d55f385de25775cc66999a75c5c8f1f8d886e80bd1e4a391845 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 843114e9509c450dea97fb0e62d5e6cfSHA-256: f5056591ec127fc0f1263b193cdefd88e7d84e9a69258b3fa36a98ff454e46cb   Red Hat Enterprise Linux Workstation (v. 6) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.src.rpm     MD5: 41d0d17080a35fc8dd695acd0353517fSHA-256: f6cc610e3a388527667d6b38fd05c595816692b68391df374de0cd0527ed19e6   IA-32: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 148dd92c388bc30f7f4146d3fffdc762SHA-256: d0ded59db734b4b812259b239a5b420807910d361ef66f7921a1a54db6630bca java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: df4a83794169233a6985ab83fc1c658bSHA-256: a0ba65917c1f5027126a30a9e25e353d277af721e48fd5cd6da1f2e95ed71706 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 3828a1f1590c0a42bb697099f0c50deaSHA-256: a584b6fbb85f207f13d4fcad972ad4e6c2ff157a3ad6afdb28f0de050c2430de java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 13aec09a400c8c607481fec57b2101c1SHA-256: afd56586bc7f554cb48e033fb652d497872ff68d3fd8e855047e67637adc01e5 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: 7860ca55e896ad5797627594fb832675SHA-256: 4bfab57b30a007033ff0aeb466a3612db0e86e345d833b412ceadba30dc8a959 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.i686.rpm     MD5: ac9a1e126b68e35fabda0def19971d6cSHA-256: 78a29079ddecff31f675062cf725b72dc1770754bd0f48221d0d2c5204bc67d0   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: b770890f63756adca744c93b10b74024SHA-256: 9e6192d96c036365fa9a36ad252e1ed5e032d9eadff11b682b3c528d2cc154df java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: d590c54a7c4bd068fc1672421cfbf834SHA-256: ace6e2bfdd386a9d802e422a09f044858c2bc93d5697e2570c93ffda0636300c java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 9fae0a467a584fac72e7a8cd1f035ce7SHA-256: 98776ca2310a1bcafed2d34f60130506b98674329da2d79753e6ee76a97af8c9 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 214a2471cde0280d894fc9230401da97SHA-256: 9c0cc086ed1b8f666e5dbdc44a7f2bc6cbecc95d8ba5a0f7728da8234a6f1f85 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 56bcd6516ea415a12414b86e0d641d35SHA-256: e243ee580e782f06ba761f42d3a786d211893d49f204d90262abfbf31fbc52c0 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.x86_64.rpm     MD5: 7839c88b5e7c11241adedae9ab0b7010SHA-256: 68ec16118724f19526903cde0140c58247dc955412e42fc6d9ace4af7b93df10   Red Hat Enterprise Linux Workstation (v. 7) SRPMS: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.src.rpm     MD5: 977f0de972ef6cee2fc31033498f1809SHA-256: e0ad4861f4323a0f0b60f171289daf79b27e64328d2a82b976d5393fce777a3a   x86_64: java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: f8bc12b78d49b68ec53755c3cdb5b25eSHA-256: 941663708bc285be58825e24584b4643907e3f52046016a3192a673ab2c949e9 java-1.6.0-openjdk-debuginfo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 8667d7a3b8cdd8d129904c16daf1a223SHA-256: acda3dbc68c3a5130bbd101b354f65ca4963a3e30e15fbe3cdbbf6213011cfd4 java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: eb3118360b8d1fd3a36cd591ab246c64SHA-256: 3e622c7f365647c8e765a5fafa43f0d018f5fdfb738eadaa33ada103f3c36b79 java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 80b3e8839d006edd2c6c9a869e3defa4SHA-256: c64e1acfc669b74dc450603c04bfec50ad624632f0d9d6dfb95b45723e4c6cb6 java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 52ce2e0d69df5cecf6715552c9705c44SHA-256: f4c025ce84fd5d55f385de25775cc66999a75c5c8f1f8d886e80bd1e4a391845 java-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el7_3.x86_64.rpm     MD5: 843114e9509c450dea97fb0e62d5e6cfSHA-256: f5056591ec127fc0f1263b193cdefd88e7d84e9a69258b3fa36a98ff454e46cb   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environmentand the OpenJDK 7 Java Software Development Kit.Security Fix(es):* It was discovered that the Hotspot component of OpenJDK did not properly checkarguments of the System.arraycopy() function in certain cases.

An untrusted Javaapplication or applet could use this flaw to corrupt virtual machine's memoryand completely bypass Java sandbox restrictions. (CVE-2016-5582)* It was discovered that the Hotspot component of OpenJDK did not properly checkreceived Java Debug Wire Protocol (JDWP) packets.

An attacker could possibly usethis flaw to send debugging commands to a Java program running with debuggingenabled if they could make victim's browser send HTTP requests to the JDWP portof the debugged application. (CVE-2016-5573)* It was discovered that the Libraries component of OpenJDK did not restrict theset of algorithms used for Jar integrity verification.

This flaw could allow anattacker to modify content of the Jar file that used weak signing key or hashalgorithm. (CVE-2016-5542)Note: After this update, MD2 hash algorithm and RSA keys with less than 1024bits are no longer allowed to be used for Jar integrity verification by default.MD5 hash algorithm is expected to be disabled by default in the future updates.A newly introduced security property jdk.jar.disabledAlgorithms can be used tocontrol the set of disabled algorithms.* A flaw was found in the way the JMX component of OpenJDK handled classloaders.An untrusted Java application or applet could use this flaw to bypass certainJava sandbox restrictions. (CVE-2016-5554)* A flaw was found in the way the Networking component of OpenJDK handled HTTPproxy authentication.

A Java application could possibly expose HTTPS serverauthentication credentials via a plain text network connection to an HTTP proxyif proxy asked for authentication. (CVE-2016-5597)Note: After this update, Basic HTTP proxy authentication can no longer be usedwhen tunneling HTTPS connection through an HTTP proxy. Newly introduced systemproperties jdk.http.auth.proxying.disabledSchemes andjdk.http.auth.tunneling.disabledSchemes can be used to control whichauthentication schemes can be requested by an HTTP proxy when proxying HTTP andHTTPS connections respectively. Red Hat Enterprise Linux (v. 5 server) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.src.rpm     MD5: 5e1108a3f737fdbfbec5021d596985c8SHA-256: 154073e34307bf8792a1bc672647c608cd90bc8dce034c588f775e4ac6e26dc2   IA-32: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 4048df5f4ced459f03f9d037d71b68f3SHA-256: 0b82c7278d70e0f6cbbee298b2a3733f2e2b7738ef48e63c28bbf56c71916f18 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 8dbe2886e20dd62033c3375e476c25caSHA-256: f820b53c4e56e67909b951ce296db5bba2e32c8a8bacc0fe380d5bf4b3ab50d1 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 4a95f693b1f9f532dbf5bbecb16224efSHA-256: a7f52a7d19ac88b5af348fe6cc6793a5d94938661aebd234a3ea3a142998dd19 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 3837e674a491325cb52d871c279795d8SHA-256: 2dd2737d4cb665b3d841144d37d3cac6a476a7e300e5cf4272634597e989001a java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 0ac7b318f5b9fe0a522e473be999fa60SHA-256: f19b0682e0584c3e38829739ca7841d97ec01d3728aad057440bb11426e8f591 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: dc708169e2f0504219eaa66ea4c6a7d9SHA-256: 691588665d6a5a6db769a9df0f7e6fc25fd268343f18a869fe5ea3191fead3a0   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: 6ac323703461c146b778d183929f539bSHA-256: f678395669cf61867ef8d70c2511a3f1842d4828df909626953ee5521e6006bc java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: e0b686942890681f3bd856963fdb858cSHA-256: 82ba9c423386684859b69ea71fb7a7e31f39f8152b24e1642360a8b2cca6aaf4 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: 54d439db6309642b7a864a89a16af08eSHA-256: 84db6315f36243fb89c51fdfd7280f24c54cbc1b1c3e12b1b6a65349bfa93450 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: 59a8cc5b55ee3c4ed1e2bd41469cc335SHA-256: c9511d678f343d4378745a08165fd7a47962a0b45790220402cc58d80791d731 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: b4f84c926902d7edbd7b163a240d7d3eSHA-256: c955ba72d015de84c2155c12945fc92378ee11254325b144b248eb60554cc4b3 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: c2b6ce74b572c4929252b2bf5a519055SHA-256: 59b274169f56dcb220a32b36cf3d74a793b568ef5ec61569453b45d85f997e5a   Red Hat Enterprise Linux Desktop (v. 5 client) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.src.rpm     MD5: 5e1108a3f737fdbfbec5021d596985c8SHA-256: 154073e34307bf8792a1bc672647c608cd90bc8dce034c588f775e4ac6e26dc2   IA-32: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 4048df5f4ced459f03f9d037d71b68f3SHA-256: 0b82c7278d70e0f6cbbee298b2a3733f2e2b7738ef48e63c28bbf56c71916f18 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 8dbe2886e20dd62033c3375e476c25caSHA-256: f820b53c4e56e67909b951ce296db5bba2e32c8a8bacc0fe380d5bf4b3ab50d1 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 4a95f693b1f9f532dbf5bbecb16224efSHA-256: a7f52a7d19ac88b5af348fe6cc6793a5d94938661aebd234a3ea3a142998dd19 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 3837e674a491325cb52d871c279795d8SHA-256: 2dd2737d4cb665b3d841144d37d3cac6a476a7e300e5cf4272634597e989001a java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: 0ac7b318f5b9fe0a522e473be999fa60SHA-256: f19b0682e0584c3e38829739ca7841d97ec01d3728aad057440bb11426e8f591 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.i386.rpm     MD5: dc708169e2f0504219eaa66ea4c6a7d9SHA-256: 691588665d6a5a6db769a9df0f7e6fc25fd268343f18a869fe5ea3191fead3a0   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: 6ac323703461c146b778d183929f539bSHA-256: f678395669cf61867ef8d70c2511a3f1842d4828df909626953ee5521e6006bc java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: e0b686942890681f3bd856963fdb858cSHA-256: 82ba9c423386684859b69ea71fb7a7e31f39f8152b24e1642360a8b2cca6aaf4 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: 54d439db6309642b7a864a89a16af08eSHA-256: 84db6315f36243fb89c51fdfd7280f24c54cbc1b1c3e12b1b6a65349bfa93450 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: 59a8cc5b55ee3c4ed1e2bd41469cc335SHA-256: c9511d678f343d4378745a08165fd7a47962a0b45790220402cc58d80791d731 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: b4f84c926902d7edbd7b163a240d7d3eSHA-256: c955ba72d015de84c2155c12945fc92378ee11254325b144b248eb60554cc4b3 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm     MD5: c2b6ce74b572c4929252b2bf5a519055SHA-256: 59b274169f56dcb220a32b36cf3d74a793b568ef5ec61569453b45d85f997e5a   Red Hat Enterprise Linux Desktop (v. 6) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm     MD5: d0fdbfd48fbf121596b6ef6a22ae9400SHA-256: 5f6d47f282025217fdda9bafa7f84bdac6cfb4ec8be55060dc145ba463850566   IA-32: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: d58d79c046ede24636ab309df6df8ec4SHA-256: 74620c6a2d87b8491c84566679e110bf0e5c69ea24a502ccf4db315d2e1add9f java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: 6c6af9aa5877e3ce922de5c279b0b8c4SHA-256: 708dded09de8923d01380cda21d49cc0fbccb7bdfa918337a1686179e43df562 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: bd1be4307c70d981409584b04ab54adaSHA-256: 5d5b0be07677a59ca0ea0eb04607d67a7b103deba1f33d8c6b816e3383baaff2 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: e13c85a1c48c5ada10858d2d456aac5eSHA-256: 4cb449d2b8e3e2398b9ed26a6162d9f5a60ab182a675aae4f596f0f91b5a6c7c java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm     MD5: 7ba635224ff44d380c8c14d7c10ed1c2SHA-256: b439d86f48a29b564f12d74bb37c43a61252d54707b0359f1a5963a0ec47ee70 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: ac98dd553f94db98d03b554979e862c3SHA-256: 1ae19c58d5ab37e0811cff91046428dc123d244ce84a69a51d1b44317f71d952   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 694f7bd0503e44f34f0bce6bd7198f78SHA-256: c250ef96deff445120f9c22fcae38bb0db523a97c497eba342292bee40e12397 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 2281af1a401449e1d75945ebc89ca956SHA-256: da111fc164feaacd41757c5ebaeed2e1ff074c06746f0f1018d2d4eafff781d6 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: c24e6d69bc037ce64a9e531a4c2848aeSHA-256: 4b4b5cb015c9e4500ec51e8cdfd640afee44e630ed033f376639647e107ff660 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 0ea4af218a1817ca920617a8aa9ed9d3SHA-256: 599b6234281fb58c1fcd6c06f9ec0410387bbe06d2d23d5fc35e389b066a2615 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm     MD5: 7ba635224ff44d380c8c14d7c10ed1c2SHA-256: b439d86f48a29b564f12d74bb37c43a61252d54707b0359f1a5963a0ec47ee70 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 41e994dd3409d753cad6b876357e7433SHA-256: cf8c709a96b1197ef8c0c93f16e9ee11ae431fc8e7cb8203094256c3cb2588ff   Red Hat Enterprise Linux Desktop (v. 7) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm     MD5: 7736ff7259e7da6f81bdccbe49cdcf0fSHA-256: b475f8306b260436450097c6f8b6a6511527ac6e3e9f5bc4c9a9dcbf89991e04   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: f10e02124f8226950317c2cea13621ceSHA-256: ca90a1f1694843777e16c9d540eab63061b95f3aca080ffedda7e4b51b6bd760 java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 431292bd8d1632d3162657852b637450SHA-256: 464a8c9a70c208335cc40abdb37562f5e0ab590d04a487176d574064b483260a java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 9db43c9923a49970c506d3ddaf3a2ebdSHA-256: 0fd57dd1e08fbf374acc455dc73eebd9c5d6cdb6cb094caba5e2636e932b3358 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 78dcde4c97d65feec57137871a0f34c2SHA-256: 3c8dc12d68406fa012e5c3b65f06784b9a4a7411048149421d6093f6162aedbe java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 75c60c9aaba5d8d3489c43dbab52558cSHA-256: cae2f47ad8e3f9c6fa7be68931b2d81bfe8190b4dbc99c020258acb0da7231bd java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 2274dbb2721c5ab836d2be6f09abc28bSHA-256: 17da10c8913ee9bedbcc230e852f150eb1069120bfa82d4e730a06e1a1f235b4 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: d9e5610983e2f7beba9c4ad279ce7bb0SHA-256: 80c3107f9ceb64a2666b9c61da3c65ae954a6f3ecbeeb1ba3498ae95ed9f19e6   Red Hat Enterprise Linux HPC Node (v. 6) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm     MD5: d0fdbfd48fbf121596b6ef6a22ae9400SHA-256: 5f6d47f282025217fdda9bafa7f84bdac6cfb4ec8be55060dc145ba463850566   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 694f7bd0503e44f34f0bce6bd7198f78SHA-256: c250ef96deff445120f9c22fcae38bb0db523a97c497eba342292bee40e12397 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 2281af1a401449e1d75945ebc89ca956SHA-256: da111fc164feaacd41757c5ebaeed2e1ff074c06746f0f1018d2d4eafff781d6 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: c24e6d69bc037ce64a9e531a4c2848aeSHA-256: 4b4b5cb015c9e4500ec51e8cdfd640afee44e630ed033f376639647e107ff660 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 0ea4af218a1817ca920617a8aa9ed9d3SHA-256: 599b6234281fb58c1fcd6c06f9ec0410387bbe06d2d23d5fc35e389b066a2615 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm     MD5: 7ba635224ff44d380c8c14d7c10ed1c2SHA-256: b439d86f48a29b564f12d74bb37c43a61252d54707b0359f1a5963a0ec47ee70 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 41e994dd3409d753cad6b876357e7433SHA-256: cf8c709a96b1197ef8c0c93f16e9ee11ae431fc8e7cb8203094256c3cb2588ff   Red Hat Enterprise Linux HPC Node (v. 7) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm     MD5: 7736ff7259e7da6f81bdccbe49cdcf0fSHA-256: b475f8306b260436450097c6f8b6a6511527ac6e3e9f5bc4c9a9dcbf89991e04   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: f10e02124f8226950317c2cea13621ceSHA-256: ca90a1f1694843777e16c9d540eab63061b95f3aca080ffedda7e4b51b6bd760 java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 431292bd8d1632d3162657852b637450SHA-256: 464a8c9a70c208335cc40abdb37562f5e0ab590d04a487176d574064b483260a java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 9db43c9923a49970c506d3ddaf3a2ebdSHA-256: 0fd57dd1e08fbf374acc455dc73eebd9c5d6cdb6cb094caba5e2636e932b3358 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 78dcde4c97d65feec57137871a0f34c2SHA-256: 3c8dc12d68406fa012e5c3b65f06784b9a4a7411048149421d6093f6162aedbe java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 75c60c9aaba5d8d3489c43dbab52558cSHA-256: cae2f47ad8e3f9c6fa7be68931b2d81bfe8190b4dbc99c020258acb0da7231bd java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 2274dbb2721c5ab836d2be6f09abc28bSHA-256: 17da10c8913ee9bedbcc230e852f150eb1069120bfa82d4e730a06e1a1f235b4 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: d9e5610983e2f7beba9c4ad279ce7bb0SHA-256: 80c3107f9ceb64a2666b9c61da3c65ae954a6f3ecbeeb1ba3498ae95ed9f19e6   Red Hat Enterprise Linux Server (v. 6) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm     MD5: d0fdbfd48fbf121596b6ef6a22ae9400SHA-256: 5f6d47f282025217fdda9bafa7f84bdac6cfb4ec8be55060dc145ba463850566   IA-32: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: d58d79c046ede24636ab309df6df8ec4SHA-256: 74620c6a2d87b8491c84566679e110bf0e5c69ea24a502ccf4db315d2e1add9f java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: 6c6af9aa5877e3ce922de5c279b0b8c4SHA-256: 708dded09de8923d01380cda21d49cc0fbccb7bdfa918337a1686179e43df562 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: bd1be4307c70d981409584b04ab54adaSHA-256: 5d5b0be07677a59ca0ea0eb04607d67a7b103deba1f33d8c6b816e3383baaff2 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: e13c85a1c48c5ada10858d2d456aac5eSHA-256: 4cb449d2b8e3e2398b9ed26a6162d9f5a60ab182a675aae4f596f0f91b5a6c7c java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm     MD5: 7ba635224ff44d380c8c14d7c10ed1c2SHA-256: b439d86f48a29b564f12d74bb37c43a61252d54707b0359f1a5963a0ec47ee70 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: ac98dd553f94db98d03b554979e862c3SHA-256: 1ae19c58d5ab37e0811cff91046428dc123d244ce84a69a51d1b44317f71d952   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 694f7bd0503e44f34f0bce6bd7198f78SHA-256: c250ef96deff445120f9c22fcae38bb0db523a97c497eba342292bee40e12397 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 2281af1a401449e1d75945ebc89ca956SHA-256: da111fc164feaacd41757c5ebaeed2e1ff074c06746f0f1018d2d4eafff781d6 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: c24e6d69bc037ce64a9e531a4c2848aeSHA-256: 4b4b5cb015c9e4500ec51e8cdfd640afee44e630ed033f376639647e107ff660 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 0ea4af218a1817ca920617a8aa9ed9d3SHA-256: 599b6234281fb58c1fcd6c06f9ec0410387bbe06d2d23d5fc35e389b066a2615 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm     MD5: 7ba635224ff44d380c8c14d7c10ed1c2SHA-256: b439d86f48a29b564f12d74bb37c43a61252d54707b0359f1a5963a0ec47ee70 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 41e994dd3409d753cad6b876357e7433SHA-256: cf8c709a96b1197ef8c0c93f16e9ee11ae431fc8e7cb8203094256c3cb2588ff   Red Hat Enterprise Linux Server (v. 7) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm     MD5: 7736ff7259e7da6f81bdccbe49cdcf0fSHA-256: b475f8306b260436450097c6f8b6a6511527ac6e3e9f5bc4c9a9dcbf89991e04   PPC: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm     MD5: d86a637c3da1ba42c62d3c9e0f15117cSHA-256: 70c436fbce1dca62e89e8be60717918386b15eb9247c2d6070b6c89e2e617388 java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm     MD5: 352420ef0ba214c358cf63e032104668SHA-256: 035e28eb288e6aff5cd9de5e0d896267673915df3e8c2280e084f38517588566 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm     MD5: cb9b9f8ba9d7f3373959f00907abcdf1SHA-256: 918748ecdb4ea261401a5fbf4bc0d3b4eecf2bc108aeda389d31e09652dc91b5 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm     MD5: 2059ff8b8ad462870b32e13459cf111cSHA-256: cf982327d07e88a5d4abfc530d08824966c2392f0cebaa2dde6eae47bc7540b2 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm     MD5: 0cf15e95bbab57d363a2582fde0c14e6SHA-256: 6c54cc99ee7edb930a65309d2cd9b8480072f50a788d3cf62373f061d0f3c140 java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm     MD5: 3bdc8d714dc22d8b095fd08a885489edSHA-256: f4fbb528aa86ac0f6f02c3123c9a3b049894616a29b3bd0312c50fb32b963da5 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm     MD5: 05f297229b39caffc9a55d180ef0039fSHA-256: 9331ebbb0c484e56dae890470a61bc3d0da7ce5d061775fd78c6bb3bea1e136c   PPC64LE: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm     MD5: 7b260f4dac8c3a5713591f6b4ee386afSHA-256: d368e17a7dea53e7a21f4c720902829336505a74a957f6ff1236bd45b0dab0fd java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm     MD5: 4bd1c8d3b45654eb571eeb881b9708faSHA-256: 634dae2c24ea848f723e59ebb16eea84b416362f5f236e7f0b13c4413817e798 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm     MD5: 5695b25154e85b2e3af2b96ab38ac177SHA-256: a704b59153d3f4c0f6d7cddccac74ae5c36dd747c54997793480d4a0a6f3951f java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm     MD5: 6a1d338755015e1dde7661735b7d343eSHA-256: b2da8895336199328434b404a642f4009023feebfd55d06f2fe3f66e19d951a7 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm     MD5: f3f562519c473e180a74f05fd2d46b47SHA-256: b1aca2779fe093cbbd5df5186cfeb630861c00bda9ee75515100d556ef19ec43 java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm     MD5: 1ad8fd33a63452537068464fc50d613aSHA-256: bf03fa586676332181053904e9cc3da86a49c72152cf0cdcfe7932a8c3aa61e1 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm     MD5: 49c37645d7aafbfd8239f9efc2b82aa5SHA-256: 86bd23b3102dd44ac2f37c7e6e1c41748b855a913fdaace96c0f338cff591f3c   s390x: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.s390x.rpm     MD5: 8180fe7e01e58f3c8d2515b3d9d981a3SHA-256: 09e3a59591fd31bd51f3007ae76830eadb88fbba045dd7631381f536b8492410 java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.s390x.rpm     MD5: 3b7f73a415e373c42b433e4811882d74SHA-256: ab596d029932586bd9aec93ab8dbb323146e99ca68188fbe69a1b27235f63755 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.s390x.rpm     MD5: 0d99bb0e65e04fde28cf77f83c0ccc55SHA-256: 78af91778f3236f42205204566b3edd7d2292a647dfcdd2036877b4cc005ddc5 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.s390x.rpm     MD5: 631c042d0c83caf3af7859f6d0c4d7b9SHA-256: 521da50f9f5524f085f08457645d6f3556b7a60faec7846b40d220b8bdcbcbef java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.s390x.rpm     MD5: fdbf44bf111beeda184334110b165eacSHA-256: 0c8f7ff2ecae945a687f9a39c74e70f66d8de12ff664f9c55967b02dc44dcd20 java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.s390x.rpm     MD5: 53ca002734c85ed200670084045bb20cSHA-256: 722aa6d08532efda10134b6e22af8206ebd8ebbc7a834735d4194d6631905a11 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.s390x.rpm     MD5: 1b82fc9672aed5c5d56bb93fd894ac67SHA-256: c969172a5f45436fb8b7a72d19829c7104f66fabda2f28555b773dbfcffc2c5b   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: f10e02124f8226950317c2cea13621ceSHA-256: ca90a1f1694843777e16c9d540eab63061b95f3aca080ffedda7e4b51b6bd760 java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 431292bd8d1632d3162657852b637450SHA-256: 464a8c9a70c208335cc40abdb37562f5e0ab590d04a487176d574064b483260a java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 9db43c9923a49970c506d3ddaf3a2ebdSHA-256: 0fd57dd1e08fbf374acc455dc73eebd9c5d6cdb6cb094caba5e2636e932b3358 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 78dcde4c97d65feec57137871a0f34c2SHA-256: 3c8dc12d68406fa012e5c3b65f06784b9a4a7411048149421d6093f6162aedbe java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 75c60c9aaba5d8d3489c43dbab52558cSHA-256: cae2f47ad8e3f9c6fa7be68931b2d81bfe8190b4dbc99c020258acb0da7231bd java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 2274dbb2721c5ab836d2be6f09abc28bSHA-256: 17da10c8913ee9bedbcc230e852f150eb1069120bfa82d4e730a06e1a1f235b4 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: d9e5610983e2f7beba9c4ad279ce7bb0SHA-256: 80c3107f9ceb64a2666b9c61da3c65ae954a6f3ecbeeb1ba3498ae95ed9f19e6   Red Hat Enterprise Linux Server TUS (v. 7.3) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm     MD5: 7736ff7259e7da6f81bdccbe49cdcf0fSHA-256: b475f8306b260436450097c6f8b6a6511527ac6e3e9f5bc4c9a9dcbf89991e04   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: f10e02124f8226950317c2cea13621ceSHA-256: ca90a1f1694843777e16c9d540eab63061b95f3aca080ffedda7e4b51b6bd760 java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 431292bd8d1632d3162657852b637450SHA-256: 464a8c9a70c208335cc40abdb37562f5e0ab590d04a487176d574064b483260a java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 9db43c9923a49970c506d3ddaf3a2ebdSHA-256: 0fd57dd1e08fbf374acc455dc73eebd9c5d6cdb6cb094caba5e2636e932b3358 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 78dcde4c97d65feec57137871a0f34c2SHA-256: 3c8dc12d68406fa012e5c3b65f06784b9a4a7411048149421d6093f6162aedbe java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 75c60c9aaba5d8d3489c43dbab52558cSHA-256: cae2f47ad8e3f9c6fa7be68931b2d81bfe8190b4dbc99c020258acb0da7231bd java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 2274dbb2721c5ab836d2be6f09abc28bSHA-256: 17da10c8913ee9bedbcc230e852f150eb1069120bfa82d4e730a06e1a1f235b4 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: d9e5610983e2f7beba9c4ad279ce7bb0SHA-256: 80c3107f9ceb64a2666b9c61da3c65ae954a6f3ecbeeb1ba3498ae95ed9f19e6   Red Hat Enterprise Linux Workstation (v. 6) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm     MD5: d0fdbfd48fbf121596b6ef6a22ae9400SHA-256: 5f6d47f282025217fdda9bafa7f84bdac6cfb4ec8be55060dc145ba463850566   IA-32: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: d58d79c046ede24636ab309df6df8ec4SHA-256: 74620c6a2d87b8491c84566679e110bf0e5c69ea24a502ccf4db315d2e1add9f java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: 6c6af9aa5877e3ce922de5c279b0b8c4SHA-256: 708dded09de8923d01380cda21d49cc0fbccb7bdfa918337a1686179e43df562 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: bd1be4307c70d981409584b04ab54adaSHA-256: 5d5b0be07677a59ca0ea0eb04607d67a7b103deba1f33d8c6b816e3383baaff2 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: e13c85a1c48c5ada10858d2d456aac5eSHA-256: 4cb449d2b8e3e2398b9ed26a6162d9f5a60ab182a675aae4f596f0f91b5a6c7c java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm     MD5: 7ba635224ff44d380c8c14d7c10ed1c2SHA-256: b439d86f48a29b564f12d74bb37c43a61252d54707b0359f1a5963a0ec47ee70 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.i686.rpm     MD5: ac98dd553f94db98d03b554979e862c3SHA-256: 1ae19c58d5ab37e0811cff91046428dc123d244ce84a69a51d1b44317f71d952   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 694f7bd0503e44f34f0bce6bd7198f78SHA-256: c250ef96deff445120f9c22fcae38bb0db523a97c497eba342292bee40e12397 java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 2281af1a401449e1d75945ebc89ca956SHA-256: da111fc164feaacd41757c5ebaeed2e1ff074c06746f0f1018d2d4eafff781d6 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: c24e6d69bc037ce64a9e531a4c2848aeSHA-256: 4b4b5cb015c9e4500ec51e8cdfd640afee44e630ed033f376639647e107ff660 java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 0ea4af218a1817ca920617a8aa9ed9d3SHA-256: 599b6234281fb58c1fcd6c06f9ec0410387bbe06d2d23d5fc35e389b066a2615 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm     MD5: 7ba635224ff44d380c8c14d7c10ed1c2SHA-256: b439d86f48a29b564f12d74bb37c43a61252d54707b0359f1a5963a0ec47ee70 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm     MD5: 41e994dd3409d753cad6b876357e7433SHA-256: cf8c709a96b1197ef8c0c93f16e9ee11ae431fc8e7cb8203094256c3cb2588ff   Red Hat Enterprise Linux Workstation (v. 7) SRPMS: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm     MD5: 7736ff7259e7da6f81bdccbe49cdcf0fSHA-256: b475f8306b260436450097c6f8b6a6511527ac6e3e9f5bc4c9a9dcbf89991e04   x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: f10e02124f8226950317c2cea13621ceSHA-256: ca90a1f1694843777e16c9d540eab63061b95f3aca080ffedda7e4b51b6bd760 java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 431292bd8d1632d3162657852b637450SHA-256: 464a8c9a70c208335cc40abdb37562f5e0ab590d04a487176d574064b483260a java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 9db43c9923a49970c506d3ddaf3a2ebdSHA-256: 0fd57dd1e08fbf374acc455dc73eebd9c5d6cdb6cb094caba5e2636e932b3358 java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 78dcde4c97d65feec57137871a0f34c2SHA-256: 3c8dc12d68406fa012e5c3b65f06784b9a4a7411048149421d6093f6162aedbe java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 75c60c9aaba5d8d3489c43dbab52558cSHA-256: cae2f47ad8e3f9c6fa7be68931b2d81bfe8190b4dbc99c020258acb0da7231bd java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: 2274dbb2721c5ab836d2be6f09abc28bSHA-256: 17da10c8913ee9bedbcc230e852f150eb1069120bfa82d4e730a06e1a1f235b4 java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm     MD5: fb0357196450bf2dd212c3b5844cbb8bSHA-256: 627236db6d1158a1775817331733e677b10b93358a669bcbfed3410595e8a199 java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm     MD5: d9e5610983e2f7beba9c4ad279ce7bb0SHA-256: 80c3107f9ceb64a2666b9c61da3c65ae954a6f3ecbeeb1ba3498ae95ed9f19e6   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
Enlarge / Go ahead and click it. You know you want to.reader comments 23 Share this story Clickers gonna click.

Despite mandatory corporate training, general security awareness, and constant harping about the risks of clicking on unverified links in e-mails and other documents, people have been, are now, and forever will click links where exploit kits and malware lurk.
It's simply too easy with the slightest amount of targeted work to convince users to click. Eric Rand and Nik Labele believe they have an answer to this problem—an answer that could potentially derail not just phishing attacks but other manner of malware as well.
Instead of relying on the intelligence of users, Rand and Labele have been working on software that takes humans completely out of the loop in phishing defense by giving clicks on previously unseen domains a time out, "greylisting" them for 24 hours by default.

The software, a project called Foghorn, does this by intercepting requests made to the Domain Name Service (DNS). Greylisting has been used in spam filtering for e-mails, where it deliberately delays e-mails delivered from previously unseen sources and sends temporary errors back to the sender for a few minutes or hours.
Spam greylisting operates under the assumption that a real mail server will re-attempt delivery, while spambots likely will not. Foghorn applies the same approach to unseen domain names, but it does so for a different reason: many of the domains behind phishing attacks are active for less than 24 hours before they're rotated to another domain, according to an Anti-Phishing Working Group survey.

As Rand said in his presentation about Foghorn at DefCon, "Lots of people are very invested in taking [phishing domains] down quickly, so phishers have to keep moving." By delaying the availability of previously unseen domains, the likelihood of users getting phished could be significantly reduced. Plus, known good domains can always be whitelisted.

Additionally, greylisting domains can cut off the command and control for botnet malware that may have already infected systems on the network, since many botnets use random domain generation algorithms to evade detection and change the domains they access frequently—sometimes in as little as hours or minutes. Foghorn is a proof-of-concept prototype DNS greylisting system.

Built with Python and the Twisted event-driven networking engine, Foghorn acts as a DNS proxy, filtering outbound DNS requests from devices on a local network.

Before being activated, it can be set in "baselining" mode to collect a list of domains typically visited by users on the systems to be protected—these can be "whitelisted" to ensure that they're always reachable. According to Rand's whitepaper describing the project, after Foghorn is activated, "when a workstation attempts to fetch a DNS record not previously seen on the network, the greylister will initially resolve that domain to some locally-controlled asset rather than allowing the request to complete; after some timeout period, the request will then resolve as normal." If a domain isn't requested again within a certain amount of time—by default, seven days—Foghorn resets it for greylisting again.

This is intended to protect against phishes from previously safe domains that might get hijacked when they expire. The sites that get greylisted also get recorded in logs by Foghorn, and those logs can be used by a security information and event management (SIEM) system or other security tools to alert administrators to potential attacks (while also identifying which users clicked on them). Foghorn is still very much a work in progress.
It currently only handles requests for "A" records—records in the DNS listing for a domain that specify the Internet Protocol address associated with a particular name.
It also doesn't catch requests to specific IP addresses instead of domain names, so links that use an IP address instead of a hostname will slip past unless an HTTP proxy blocks them.

The approach may not be a good fit for some people, too.

But given the cost (and futility) of phishing training, Foghorn may be a great idea for smaller businesses—and you may want to set it up on your parents' home network while you're at it.
Updated rh-nodejs4 packages that fix one bug are now available for Red HatSoftware Collections. Node.js is a software development platform for building fast and scalablenetwork applications in the JavaScript programming language.This update fixes the following bug:* The rh-nodejs4 Software Collection previously contained an outdated packagerh-nodejs4-nodejs-tunnel-agent.

Consequently, users were unable to use thisSoftware Collection or its associated S2I image from behind an HTTP proxy.

Therh-nodejs4-nodejs-tunnel-agent package has been updated to the latest version,and the rh-nodejs4 Software Collection and the associated S2I image are nowfully usable. (BZ#1366491)Users of rh-nodejs4 are advised to upgrade to these updated packages, which fixthis bug. Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Software Collections 1 for RHEL 6 SRPMS: rh-nodejs4-nodejs-tunnel-agent-0.4.3-1.el6.src.rpm     MD5: 71af3bcc05e8ade385fc475c28bae278SHA-256: 7e82fb1b3af4f7c5c1774e3a8a872184c0c0986bdaa9d26f42bb938e8348c343   x86_64: rh-nodejs4-nodejs-tunnel-agent-0.4.3-1.el6.noarch.rpm     MD5: e84571d06b0dc4b634ef12e993254c3cSHA-256: 58767d7b527374f822abeb1267cff32f194c1e5b92d39b046f208d32aad165c4   Red Hat Software Collections 1 for RHEL 7 SRPMS: rh-nodejs4-nodejs-tunnel-agent-0.4.3-1.el7.src.rpm     MD5: 8eeb0873708b892c20e1ff7441debe8eSHA-256: 6803dd4ea789fb0bb62a26b2f19a0099f0b803b75ce3f8e70c39c1f9bd0353ea   x86_64: rh-nodejs4-nodejs-tunnel-agent-0.4.3-1.el7.noarch.rpm     MD5: 197be71110c7b76fb0fe28a9540dbb11SHA-256: f697b81ae9d3bf8dcfed38340bf0f488b1ef0fdea8c64ea8398f06f6f3f1f42d   (The unlinked packages above are only available from the Red Hat Network) 1366491 - nodejs-4-rhel7 image cannot work behind http proxy These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
After lying dormant for years, flaws in the HTTP Proxy header used in programming languages and applications, such as PHP, Go and Python, have now been fixed. Some flaws take longer—a lot longer—than others to get fixed.

The newly named HTTpoxy vulnerability was first discovered back in March 2001 and fixed in the open-source Perl programming language, but it has sat dormant in multiple other languages and applications until July 18.The HTTPoxy flaw is a misconfiguration vulnerability in the HTTP_PROXY variable that is commonly used by Common Gateway Interface (CGI) environment scripts.

The HTTPoxy flaw could potentially enable a remotely exploitable vulnerability on servers, enabling an attacker to run code or redirect traffic.

The flaw at its core is a name space conflict between two different uses for a server variable known as HTTP Proxy."There is a common system environment variable called "HTTP_PROXY," which can be used to communicate the HTTP (and sometimes HTTPS) proxy settings for an outgoing HTTP proxy to an application," Red Hat explains in its advisory on HTTpoxy. "This variable has a completely different purpose and context to that of the HTTP server-script variable."Red Hat's advisory notes that applications, language libraries and scripting modules use the HTTP server script environment variable to help configure a proxy for subsequent outgoing HTTP traffic. The risk is that since the two variables can be confused, an attacker could potentially redirect a server's outgoing connection to an arbitrary location.

The HTTpoxy flaw has a widespread impact, with the open-source PHP, Go, Python and HVVM languages at risk as well as the Apache HTTP and Tomcat servers.

As myriad applications rely on those languages and servers, there are multiple updates from application projects as well, including the popular Drupal open-source content-management system, which powers many U.S. government Websites, including Whitehouse.gov. Christopher Robinson, manager, Red Hat product security program management, explained that the HTTpoxy issue was first identified and fixed in 2001 in a Perl library. Perl is a popular open-source programming language. "The world of security was quite a bit different back in 2001.
It wasn't common to look at issues as having wide-reaching consequences," Robinson told eWEEK. "Today, there are a large number of security researchers investigating issues like never before."Robinson added that Web apps were also quite different in 2001, and tended to be more monolithic.

The idea of doing server-side HTTP requests while fulfilling a client-side request was also not very common.

Today, it is a different world with distributed applications and microservices."In a worst-case scenario for this issue, an attacker could possibly redirect outgoing HTTP traffic from a CGI script to other servers," Robinson said. "This could lead to the disclosure of sensitive information contained within both request and response sent between the CGI script and HTTP server."That said, Robinson emphasized that on Linux, the majority of Web applications no longer run as CGI scripts, meaning they are not vulnerable to this type of attack.Greg Knaddison, director of engineering at Card.com and Drupal Security Team member, noted that for most Drupal sites, HTTpoxy is probably only a "corner case" risk."The members of Drupal Security Team who worked on this issue were able to think of a few scenarios that would allow a determined attacker to completely take over a site," Knaddison told eWEEK. "Most of them involved stringing together the HTTPoxy vulnerability in the Guzzle library to achieve a defacement or a Cross-site scripting attack."Guzzle is a popular PHP HTTP client that can be used in a Drupal deployment stack. Knaddison added that Drupal core does not use the vulnerable HTTP proxy variable directly; however, Drupal 8 core and several Drupal 7 contributed modules used a version of the Guzzle library that was vulnerable.

The Drupal project has now issued an update and guidance on how to further mitigate the limited risk of HTTpoxy.For users of the popular Apache HTTP Web server, the Apache Software Foundation has issued guidance to help mitigate the risk.Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist.
So you know it's really scary A dangerous easy-to-exploit vulnerability discovered 15 years ago has reared its head again, leaving server-side website software potentially open to hijackers. The Apache Software Foundation, Red Hat, Ngnix and others have rushed to warn programmers of the so-called httpoxy flaw, specifically: CVE-2016-5385 in PHP; CVE-2016-5386 in Go; CVE-2016-5387 in Apache HTTP server; CVE-2016-5388 in Apache TomCat; CVE-2016-1000109 in PHP-engine HHVM; and CVE-2016-1000110 in Python. This security hole can be exploited to seize control of vulnerable web apps.

Basically, you abuse the Proxy HTTP header in a request to the application to set a common environment variable called HTTP_PROXY.

The app then, unwisely, uses the proxy server defined by that variable for any of its outgoing connections. So, if you point HTTP_PROXY at a malicious server, you can intercept the web app's connections to other systems and, depending on how the code is designed, potentially gain remote code execution.
It hinges on whether or not the app makes outgoing connections as part of its operation, and if these can be usefully exploited. "If you're running PHP or CGI, you should block the Proxy header now," said Vend infrastructure engineer Dominic Scheirlinck, who coordinated the disclosure of the security holes with software makers. The Register had an early look at the details prior to today's public announcement. There are advisories available now from Apache, Red Hat, US CERT, Nginx, and Drupal with more details. "httpoxy is extremely easy to exploit in basic form, and we expect security researchers to be able to scan for it quickly.
If you're not deploying code, you don't need to worry," added Scheirlinck. Code that makes outgoing HTTP connections to look up information or perform some other task while running in a server-side CGI context is potentially open to easy attack, he said.
It may be possible to siphon off sensitive internal records, or feed dodgy data into apps, by injecting a proxy server into the mix. "For example, if you are using a Drupal plugin that uses Guzzle 6 and it makes an outgoing HTTP request (for example, to check a weather API), you are vulnerable to the request that plugin makes being 'httpoxied'," Scheirlinck explained. The New Zealander says attackers can direct vulnerable servers to open connections to an evil machine's IP address, and waste server resources by running traffic through malicious proxies. Scheirlinck said the vulnerability is down to a basic namespace conflict: RFC 3875 (CGI) puts the HTTP proxy header from a request into the environment variables as HTTP_PROXY. HTTP_PROXY is a popular environment variable used to configure an outgoing proxy. Exploitation is possible if just one vulnerable library is used, such as Guzzle or Artax, while processing incoming HTTP requests. "Probably many, many libraries" are affected, Scheirlinck said. Here's how he described the flaw in a PHP script: PHP has a method called getenv(). There is a common vulnerability in many PHP libraries and applications, introduced by confusing getenv for a method that only returns environment variables.
In fact, getenv() is closer to the $_SERVER superglobal: it contains both environment variables and user-controlled data. Specifically, when PHP is running under a CGI-like server, the HTTP request headers (data supplied by the client) are merged into the $_SERVER superglobal under keys beginning with HTTP_.

This is the same information that getenv reads from. When a user sends a request with a proxy header, the header appears to the PHP application as getenv('HTTP_PROXY').
Some common PHP libraries have been trusting this value, even when run in a CGI/SAPI environment. Reading and trusting $_SERVER['HTTP_PROXY'] is exactly the same vulnerability, but tends to happen much less often (perhaps because of getenv's name, perhaps because the semantics of the $_SERVER superglobal are better understood among the community). Quick and easy mitigations are available, with the best being to block Proxy request headers before they hit applications. A longer-term fix is to not trust HTTP_PROXY under CGI.

Developers of software that is insecure and in need of patching should obtain a Distributed Weakness Filing Project number or apply for a CVE number from MITRE. "We suspect there may be more CVEs coming for httpoxy, as less common software is checked over," said Scheirlinck. The Proxy / HTTP_PROXY confusion was first spotted in March 2001 in libwww-perl, and was fixed at the time.

This month, researchers at Vend found libraries and tools still making the same namespace screw up, leaving them open to hijacking. ® Sponsored: Global DDoS threat landscape report