On March 6, Canonical published a security notice detailing OpenJDK 6 vulnerabilities in its Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.
According to Canonical, OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file.
For example, it was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash.
Users can fix the security flaws by upgrading the icedtea-6-jre-cacao, icedtea-6-jre-jamvm, openjdk-6-jre, openjdk-6-jre-headless, openjdk-6-jre-zero, and openjdk-6-jre-lib packages to the versions specific to each distribution.
A normal system update, executed with the Update Manager, will implement all the necessary changes. After a standard system update, you need to restart any applications using OpenJDK, such as your browser.
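One way to find the applications that still need that restart, as an added example rather than anything from Canonical's notice: a process started before the update keeps the old JVM library mapped, and `/proc/<pid>/maps` marks the replaced file as `(deleted)`. The `/usr/lib/jvm/` install path is an assumption, and the sample maps lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from Canonical's notice). Assumption: the OpenJDK
# packages install their libraries under /usr/lib/jvm/.
STALE_RE='/usr/lib/jvm/.* \(deleted\)$'

# True if the maps file at $1 (same format as /proc/<pid>/maps) shows a
# JVM library whose on-disk file was replaced, i.e. is now "(deleted)".
maps_has_stale_jvm() {
    grep -Eq "$STALE_RE" "$1" 2>/dev/null
}

# Print the PID of every process under $1 (default /proc) that still runs
# the pre-update JVM and therefore needs a restart.
list_stale_jvm_pids() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        if maps_has_stale_jvm "$maps"; then
            pid=${maps%/maps}
            echo "${pid##*/}"
        fi
    done
}

# Constructed sample: a fake /proc tree with one stale and one current JVM.
make_sample_proc() {
    d=$(mktemp -d) || return 1
    mkdir "$d/101" "$d/202"
    echo '7f10a000-7f10b000 r-xp 00000000 08:01 131 /usr/lib/jvm/java-6-openjdk/jre/lib/amd64/server/libjvm.so (deleted)' > "$d/101/maps"
    echo '7f20a000-7f20b000 r-xp 00000000 08:01 977 /usr/lib/jvm/java-6-openjdk/jre/lib/amd64/server/libjvm.so' > "$d/202/maps"
    echo "$d"
}

# With no argument, scan the live system (run as root to see all processes).
list_stale_jvm_pids "${1:-/proc}"
```

An empty result after the update means no running process is still using the replaced JVM files.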