SUSE: 2011:0863-2 Important: JRE Security Issues Resolved
suse
August 5, 2011
An update that contains security fixes can now be installed
Summary
Warning: Undefined array key "advisoryid" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3787005_1edcd913e2b52798c5b9126b8927230e on line 19
SUSE Security Update: Security update for IBM Java5 JRE and SDK
______________________________________________________________________________
Announcement ID: SUSE-SU-2011:0863-2
Rating: important
References: #707244
Affected Products:
SUSE CORE 9
Open Enterprise Server
Novell Linux POS 9
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
IBM Java 1.5.0 SR12 FP5 has been released fixing bugs and
security issues.
Following security issues were fixed:
*
CVE-2011-0865: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect integrity
via unknown vectors related to Deserialization.
*
CVE-2011-0866: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier, when running on Windows, allows
remote untrusted Java Web Start applications and untrusted
Java applets to affect confidentiality, integrity, and
availability via unknown vectors related to Java Runtime
Environment.
*
CVE-2011-0802: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, when running on Windows, allows
remote untrusted Java Web Start applications and untrusted
Java applets to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a
different vulnerability than CVE-2011-0786.
*
CVE-2011-0814: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote attackers to affect
confidentiality, integrity, and availability via unknown
vectors related to Sound, a different vulnerability than
CVE-2011-0802.
*
CVE-2011-0815: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect
confidentiality, integrity, and availability via unknown
vectors related to AWT.
*
CVE-2011-0862: Multiple unspecified vulnerabilities
in the Java Runtime Environment (JRE) component in Oracle
Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier,
and 1.4.2_31 and earlier allow remote attackers to affect
confidentiality, integrity, and availability via unknown
vectors related to 2D.
*
CVE-2011-0867: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect
confidentiality via unknown vectors related to Networking.
*
CVE-2011-0871: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, 5.0 Update 29 and earlier, and
1.4.2_31 and earlier allows remote untrusted Java Web Start
applications and untrusted Java applets to affect
confidentiality, integrity, and availability via unknown
vectors related to Swing.
*
CVE-2011-0872: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier allows remote attackers to affect
availability via unknown vectors related to NIO.
*
CVE-2011-0873: Unspecified vulnerability in the Java
Runtime Environment (JRE) component in Oracle Java SE 6
Update 25 and earlier, and 5.0 Update 29 and earlier,
allows remote attackers to affect confidentiality,
integrity, and availability via unknown vectors related to
2D.
Indications:
Please install this update.
Package List:
- SUSE CORE 9 (i586 ppc ppc64 s390 s390x x86_64):
IBMJava5-JRE-1.5.0_sr12.5-0.6
IBMJava5-SDK-1.5.0_sr12.5-0.6
- Open Enterprise Server (i586):
IBMJava5-JRE-1.5.0_sr12.5-0.6
IBMJava5-SDK-1.5.0_sr12.5-0.6
- Novell Linux POS 9 (i586):
IBMJava5-JRE-1.5.0_sr12.5-0.6
IBMJava5-SDK-1.5.0_sr12.5-0.6
References:
References
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Warning: Undefined array key "block1" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3787005_c1d2d4f425d79c8c327f2b8603847ec6 on line 11
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!