Summary
The remote host is missing updates announced in advisory GLSA 200911-02.
Solution
All Sun JRE 1.5.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.5.0.22'
All Sun JRE 1.6.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.6.0.17'
All Sun JDK 1.5.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.5.0.22'
All Sun JDK 1.6.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.6.0.17'
All users of the precompiled 32bit Sun JRE 1.5.x should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-java-1.5.0.22'
All users of the precompiled 32bit Sun JRE 1.6.x should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-java-1.6.0.17'
All Sun JRE 1.4.x, Sun JDK 1.4.x, Blackdown JRE, Blackdown JDK and precompiled 32bit Sun JRE 1.4.x users are strongly advised to unmerge Java 1.4:
# emerge --unmerge =app-emulation/emul-linux-x86-java-1.4*
# emerge --unmerge =dev-java/sun-jre-bin-1.4*
# emerge --unmerge =dev-java/sun-jdk-1.4*
# emerge --unmerge dev-java/blackdown-jdk
# emerge --unmerge dev-java/blackdown-jre
Gentoo is ceasing support for the 1.4 generation of the Sun Java Platform in accordance with upstream. All 1.4 JRE and JDK versions are masked and will be removed shortly.
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200911-02
http://bugs.gentoo.org/show_bug.cgi?id=182824
http://bugs.gentoo.org/show_bug.cgi?id=231337
http://bugs.gentoo.org/show_bug.cgi?id=250012
http://bugs.gentoo.org/show_bug.cgi?id=263810
http://bugs.gentoo.org/show_bug.cgi?id=280409
http://bugs.gentoo.org/show_bug.cgi?id=291817
Insight
Multiple vulnerabilities in the Sun JDK and JRE allow for several attacks, including the remote execution of arbitrary code.
Severity
Classification
CVE: CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3886
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities