Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 0 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity issuesoftware update

openSUSE Tumbleweed: 2025:15080-1 moderate: java-21-openj9 fixes

An update that solves 2 vulnerabilities can now be installed.. # java-21-openj9-21.0.7.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15080-1 Rating: moderate Cross-References: * CVE-2025-21587 * CVE-2025-30698 CVSS scores: * CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2025-21587 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-30698 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-30698 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the java-21-openj9-21.0.7.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * java-21-openj9 21.0.7.0-1.1 * java-21-openj9-demo 21.0.7.0-1.1 * java-21-openj9-devel 21.0.7.0-1.1 * java-21-openj9-headless 21.0.7.0-1.1 * java-21-openj9-javadoc 21.0.7.0-1.1 * java-21-openj9-jmods 21.0.7.0-1.1 * java-21-openj9-src 21.0.7.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21587.html * https://www.suse.com/security/cve/CVE-2025-30698.html . An update for openSUSE addresses multiple issues in the java-21-openj9 package with moderate severity ratings.. openSUSE Security Update, Java Package Issues, Security Advisory openSUSE, Software Vulnerability Management. . LinuxSecurity.com Team

Calendar 2 May 13, 2025 OpenSUSE
199
Ls Advisories Centos Esm H240
Price Tag 1security advisorysecurity issuecritical

CentOS: CESA-2022-5698 Critical: Java Package Update Issues

Upstream details at : https://access.redhat.com/errata/RHSA-2022:5698. CentOS Errata and Security Advisory 2022:5698 Important Upstream details at : https://access.redhat.com/errata/RHSA-2022:5698 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: bbc54477e470a694a3032e391624ba33b9753f81d283b60a19dca7c1c52b35c4 java-1.8.0-openjdk-1.8.0.342.b07-1.el7_9.i686.rpm 9c883d2d32a12c3f672b6e40119adf476d62ae4bacb40ce0a88634b864d19701 java-1.8.0-openjdk-1.8.0.342.b07-1.el7_9.x86_64.rpm 086c33b98ecb7adbc59297b29fb3fc219e4beda421611ef17471f6cc8e0a9b6f java-1.8.0-openjdk-accessibility-1.8.0.342.b07-1.el7_9.i686.rpm 89218a788c99c93aaa563b09b3f7b71ed061025bda32116e0f5ad78d034e5d94 java-1.8.0-openjdk-accessibility-1.8.0.342.b07-1.el7_9.x86_64.rpm 96d0ea79b3da11f9b3d85598dae3187e501c54728cd8509492569f9dc2c1670f java-1.8.0-openjdk-demo-1.8.0.342.b07-1.el7_9.i686.rpm f0c9b7b923d47df8b92aa0c427d4754da9c2d22e9eb87e436c06305406998a3c java-1.8.0-openjdk-demo-1.8.0.342.b07-1.el7_9.x86_64.rpm e1e1b8adc5317dafcd61f9374708c3ef7388ecd2591a47bb2dfdedc0eee9d389 java-1.8.0-openjdk-devel-1.8.0.342.b07-1.el7_9.i686.rpm 5435c138b53b3d77c61b682fd1142b6ebad9946a7aafbb1f722f6f9a4896a265 java-1.8.0-openjdk-devel-1.8.0.342.b07-1.el7_9.x86_64.rpm c204a4ffd212c3a27c0afea8e7c43b386fac6da8dfb78049b8fff2cea01ea128 java-1.8.0-openjdk-headless-1.8.0.342.b07-1.el7_9.i686.rpm 5941cfa3708aa1d7eae457e8f0abc55a55d5a84eadb56473770f0a82215aa495 java-1.8.0-openjdk-headless-1.8.0.342.b07-1.el7_9.x86_64.rpm 1724001fdb91ff6c4e1fcf64bccf981017dfd7ab649f21c1333810e6cbd8e9c6 java-1.8.0-openjdk-javadoc-1.8.0.342.b07-1.el7_9.noarch.rpm 707c34f7fa9d4787f56722da43ebdb1458d9855c217691d5688c6bde0306a2b7 java-1.8.0-openjdk-javadoc-zip-1.8.0.342.b07-1.el7_9.noarch.rpm 42a032cda37e42e63ccb183ecdaa7710140521828aa8549a8f19dd0bc7fbea36 java-1.8.0-openjdk-src-1.8.0.342.b07-1.el7_9.i686.rpm cd7ecade58c83774da56075ecbc93181d0299693efa4a31b09f39a234ea8c0d8 java-1.8.0-openjdk-src-1.8.0.342.b07-1.el7_9.x86_64.rpm Source: 4a69a3523f64a58f0321f1012cf9cdf8b8b5a25f55ad5dca977a6567cd2bb19a java-1.8.0-openjdk-1.8.0.342.b07-1.el7_9.src.rpm -- Johnny Hughes CentOS Project { https://www.centos.org/ } irc: hughesjr, #This email address is being protected from spambots. You need JavaScript enabled to view it. Twitter: @JohnnyCentOS _______________________________________________ CentOS-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory 2023:0456 covers essential fixes for Python modules, including upstream changelogs for reference.. Java Security Update, CentOS Errata, Package Security, Critical Issues. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 02, 2022 Critical CentOS
Banner 4 1028x280 1708121825 1771600306
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorysecurity issuecritical threat

Oracle Linux 7 ELSA-2021-3892 Important Java Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2021-3892 https://linux.oracle.com/errata/ELSA-2021-3892.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: java-11-openjdk-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm java-11-openjdk-devel-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm java-11-openjdk-headless-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm java-11-openjdk-demo-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm java-11-openjdk-javadoc-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm java-11-openjdk-javadoc-zip-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm java-11-openjdk-jmods-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm java-11-openjdk-src-11.0.13.0.8-1.0.1.el7_9.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates/java-11-openjdk-11.0.13.0.8-1.0.1.el7_9.src.rpm Related CVEs: CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35603 Description of changes: [1:11.0.13.0.8-1.0.1] - link atomic for ix86 build [1:11.0.13.0.8-1] - Revert addition of libharfbuzz.so after its removal by JDK-8255790 - Resolves: rhbz#2012332 [1:11.0.13.0.8-1] - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2012332 [1:11.0.13.0.7-0.1.ea] - Update to jdk-11.0.13.0+7 - Update release notes to 11.0.13.0+7 - Resolves: rhbz#1999936 [1:11.0.13.0.1-0.1.ea] - Update to jdk-11.0.13.0+1 - Update release notes to 11.0.13.0+1 - Update tarball generation script to use git following OpenJDK 11u's move to github - Switch to EA mode for 11.0.13 pre-release builds. - Remove non-Free test from source tarball. - Related: rhbz#1999936 [1:11.0.12.0.7-4] - Reduce disk footprint by removing build artifacts by default. - Related: rhbz#1999936 [1:11.0.12.0.7-3] - Restructure the build so a minimal initial build is then used forthe final build (with docs) - This reduces pressure on the system JDK and ensures the JDK being built can do a full build - Related: rhbz#1999936 [1:11.0.12.0.7-2] - Don't package lib/client and lib/client/classes.jsa which don't exist. - Resolves: rhbz#1698873 [1:11.0.12.0.7-1] - Minor cosmetic improvements to make spec more comparable between variants - Related: rhbz#1999936 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . The Oracle Linux Security Advisory ELSA-2021-3889 provides essential patches for Apache HTTP Server to mitigate several vulnerabilities.. Oracle Linux 7, Java Security Update, ELSA-2021-3892. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 21, 2021 Important Oracle
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatsoftware update

Red Hat Enterprise Linux: RHSA-2015-1928-01 Important Oracle Java Security

Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: java-1.6.0-sun security update Advisory ID: RHSA-2015:1928-01 Product: Oracle Java for Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2015:1928.html Issue date: 2015-10-22 CVE Names: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 ==================================================================== 1. Summary: Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Oracle Java for Red Hat Enterprise Linux Client (v. 7) - x86_64 Oracle Java for Red Hat Enterprise Linux Client 5 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) - x86_64 Oracle Java for Red Hat Enterprise Linux Desktop 6 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux HPC Node 6 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux Server (v. 7) - x86_64 Oracle Java for Red Hat Enterprise Linux Server 5 -i386, x86_64 Oracle Java for Red Hat Enterprise Linux Server 6 - i386, x86_64 Oracle Java for Red Hat Enterprise Linux Workstation - i386, x86_64 Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-4911) Red Hat would like to thank Andrea Palazzo of Truel IT for reporting the CVE-2015-4806 issue. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 105 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1233687 - CVE-2015-4806 OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193) 1273022 - CVE-2015-4835 OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383) 1273027 - CVE-2015-4881 OpenJDK: missing type checks in IIOPInputStream (CORBA, 8076392) 1273053 - CVE-2015-4843 OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891) 1273304 - CVE-2015-4883 OpenJDK: incorrect access control context used in DGCClient (RMI, 8076413) 1273308 - CVE-2015-4860 OpenJDK: incorrect access control context used in DGCImpl (RMI,8080688) 1273311 - CVE-2015-4805 OpenJDK: missing checks for proper initialization in ObjectStreamClass (Serialization, 8103671) 1273318 - CVE-2015-4844 ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042) 1273414 - CVE-2015-4882 OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387) 1273425 - CVE-2015-4842 OpenJDK: leak of user.dir location (JAXP, 8078427) 1273430 - CVE-2015-4734 OpenJDK: kerberos realm name leak (JGSS, 8048030) 1273496 - CVE-2015-4903 OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339) 1273637 - CVE-2015-4803 OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842) 1273638 - CVE-2015-4893 OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733) 1273645 - CVE-2015-4911 OpenJDK: incomplete supportDTD enforcement (JAXP, 8130078) 1273734 - CVE-2015-4872 OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291) 1273860 - CVE-2015-4902 Oracle JDK: unspecified vulnerability fixed in 6u105, 7u91 and 8u65 (Deployment) 6. Package List: Oracle Java for Red Hat Enterprise Linux Client5: i386: java-1.6.0-sun-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el5_11.i586.rpm x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el5_11.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server 5: i386: java-1.6.0-sun-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el5_11.i586.rpm x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el5_11.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el5_11.i586.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el5_11.x86_64.rpm Oracle Java for Red Hat Enterprise LinuxDesktop 6: i386: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.i686.rpm x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.x86_64.rpm Oracle Java for Red Hat Enterprise Linux HPC Node 6: i386: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.i686.rpm x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server6: i386: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.i686.rpm x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation: i386: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.i686.rpm x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el6_7.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el6_7.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Client (v. 7): x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el7_1.x86_64.rpm OracleJava for Red Hat Enterprise Linux Compute Node (v. 7): x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el7_1.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Server (v. 7): x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el7_1.x86_64.rpm Oracle Java for Red Hat Enterprise Linux Workstation (v. 7): x86_64: java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-demo-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.i686.rpm java-1.6.0-sun-devel-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.105-1jpp.2.el7_1.x86_64.rpm java-1.6.0-sun-src-1.6.0.105-1jpp.2.el7_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2015-4734 https://access.redhat.com/security/cve/CVE-2015-4803 https://access.redhat.com/security/cve/CVE-2015-4805 https://access.redhat.com/security/cve/CVE-2015-4806 https://access.redhat.com/security/cve/CVE-2015-4835 https://access.redhat.com/security/cve/CVE-2015-4842 https://access.redhat.com/security/cve/CVE-2015-4843 https://access.redhat.com/security/cve/CVE-2015-4844 https://access.redhat.com/security/cve/CVE-2015-4860 https://access.redhat.com/security/cve/CVE-2015-4872 https://access.redhat.com/security/cve/CVE-2015-4881 https://access.redhat.com/security/cve/CVE-2015-4882 https://access.redhat.com/security/cve/CVE-2015-4883 https://access.redhat.com/security/cve/CVE-2015-4893 https://access.redhat.com/security/cve/CVE-2015-4902 https://access.redhat.com/security/cve/CVE-2015-4903 https://access.redhat.com/security/cve/CVE-2015-4911 https://access.redhat.com/security/updates/classification/#important https://www.oracle.com/security-alerts/cpuoct2015.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWKT+aXlSAg2UNWIIRAp6uAKCDbZM/uwB45ExlHTWX8bdbmTxUBwCfUyKo 9xArM37Jn8U8O23wMYp+9pc=l97t -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Crucial Oracle Java patches released for Red Hat tackling several vulnerabilities. Update recommended for all users.. Red Hat Security Advisory, Java Security Update, Oracle Java Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 22, 2015 Important Red Hat
Banner 4 1028x280 1708121825 1771600306
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatsecurity fix

Red Hat 5/6 Advisory RHSA-2014:0486-01 Critical: IBM Java Update

Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-ibm security update Advisory ID: RHSA-2014:0486-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2014:0486.html Issue date: 2014-05-13 CVE Names: CVE-2013-6629 CVE-2013-6954 CVE-2014-0429 CVE-2014-0446 CVE-2014-0448 CVE-2014-0449 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2398 CVE-2014-2401 CVE-2014-2402 CVE-2014-2409 CVE-2014-2412 CVE-2014-2414 CVE-2014-2420 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-2428 ==================================================================== 1. Summary: Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6)- i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-0457, CVE-2014-2421, CVE-2014-0429, CVE-2014-0461, CVE-2014-0455, CVE-2014-2428, CVE-2014-0448, CVE-2014-0454, CVE-2014-0446, CVE-2014-0452, CVE-2014-0451, CVE-2014-2402, CVE-2014-2423, CVE-2014-2427, CVE-2014-0458, CVE-2014-2414, CVE-2014-2412, CVE-2014-2409, CVE-2014-0460, CVE-2013-6954, CVE-2013-6629, CVE-2014-2401, CVE-2014-0449, CVE-2014-0459, CVE-2014-0453, CVE-2014-2398, CVE-2014-1876, CVE-2014-2420) All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR7 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1031734 - CVE-2013-6629 libjpeg: information leak (read of uninitialized memory) 1045561 - CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette 1060907 - CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618) 1086632 - CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736) 1086645 - CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766) 1087409 - CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841) 1087411 - CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass(Libraries, 8031394) 1087417 - CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854) 1087424 - CVE-2014-0455 OpenJDK: MethodHandle variable argument lists handling (Libraries, 8029844) 1087426 - CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794) 1087427 - CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010) 1087428 - CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797) 1087430 - CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152) 1087431 - CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030) 1087434 - CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188) 1087436 - CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801) 1087438 - CVE-2014-2402 OpenJDK: Incorrect NIO channel separation (Libraries, 8026716) 1087439 - CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740) 1087440 - CVE-2014-0454 OpenJDK: Prevent SIGNATURE_PRIMITIVE_SET from being modified (Security, 8029745) 1087441 - CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163) 1087442 - CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731) 1087444 - CVE-2014-0459 lcms: insufficient ICC profile version validation (OpenJDK 2D, 8031335) 1088024 - CVE-2014-0448 Oracle JDK: unspecified vulnerability fixed in 7u55 and 8u5 (Deployment) 1088025 - CVE-2014-2428 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment) 1088027 - CVE-2014-2409 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment) 1088028 - CVE-2014-0449 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment) 1088030 - CVE-2014-2401 Oracle JDK: unspecified vulnerability fixed in 5.0u75, 6u75, 7u55 and 8u5 (2D) 1088031 - CVE-2014-2420 Oracle JDK: unspecified vulnerability fixed in 6u75, 7u55 and 8u5 (Deployment) 6. PackageList: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.i386.rpm x86_64: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.5): i386: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.i386.rpm ppc: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.ppc.rpm java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.ppc.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.ppc.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.ppc.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.ppc64.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el5_10.ppc.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.ppc.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.ppc64.rpm s390x: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.s390.rpm java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.s390x.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.s390.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.s390x.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.s390.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.s390.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.s390x.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.s390.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.s390x.rpm x86_64: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.i386.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el5_10.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.6): i386: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.i686.rpm ppc64: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.ppc64.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.ppc64.rpm s390x: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.s390x.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.s390x.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.s390x.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.s390x.rpm x86_64: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el6_5.i686.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.7.0-1jpp.1.el6_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key/#package 7. References: https://access.redhat.com/security/cve/CVE-2013-6629 https://access.redhat.com/security/cve/CVE-2013-6954 https://access.redhat.com/security/cve/CVE-2014-0429 https://access.redhat.com/security/cve/CVE-2014-0446 https://access.redhat.com/security/cve/CVE-2014-0448 https://access.redhat.com/security/cve/CVE-2014-0449 https://access.redhat.com/security/cve/CVE-2014-0451 https://access.redhat.com/security/cve/CVE-2014-0452 https://access.redhat.com/security/cve/CVE-2014-0453 https://access.redhat.com/security/cve/CVE-2014-0454 https://access.redhat.com/security/cve/CVE-2014-0455 https://access.redhat.com/security/cve/CVE-2014-0457 https://access.redhat.com/security/cve/CVE-2014-0458 https://access.redhat.com/security/cve/CVE-2014-0459 https://access.redhat.com/security/cve/CVE-2014-0460 https://access.redhat.com/security/cve/CVE-2014-0461 https://access.redhat.com/security/cve/CVE-2014-1876 https://access.redhat.com/security/cve/CVE-2014-2398 https://access.redhat.com/security/cve/CVE-2014-2401 https://access.redhat.com/security/cve/CVE-2014-2402 https://access.redhat.com/security/cve/CVE-2014-2409 https://access.redhat.com/security/cve/CVE-2014-2412 https://access.redhat.com/security/cve/CVE-2014-2414 https://access.redhat.com/security/cve/CVE-2014-2420 https://access.redhat.com/security/cve/CVE-2014-2421 https://access.redhat.com/security/cve/CVE-2014-2423 https://access.redhat.com/security/cve/CVE-2014-2427 https://access.redhat.com/security/cve/CVE-2014-2428 https://access.redhat.com/security/updates/classification/#critical / 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. . Important patch for java-1.7.0-ibm tackles several vulnerabilities found in Red Hat’s offering.. Red Hat Advisory, IBM Java Security, Critical Update, Java Package, Linux Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 13, 2014 Critical Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorycritical issuesoftware fix

Red Hat Enterprise Linux 5 & 6: RHSA-2013:0625-01 Critical Java Threat

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-ibm security update Advisory ID: RHSA-2013:0625-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2013:0625.html Issue date: 2013-03-11 CVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 CVE-2013-1486 CVE-2013-1487 CVE-2013-1493 ==================================================================== 1. Summary: Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386,x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1487, CVE-2013-1493) All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR13 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068) 906894 - CVE-2013-1478 OpenJDK: image parserinsufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting) 907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions(JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066) 913014 - CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446) 913030 - CVE-2013-1487 Oracle JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment) 917550 - CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014) 917553 - CVE-2013-1493 OpenJDK: CMM malformed raster memory corruption (2D, 8007675) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v.5): i386: java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.5): i386: java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.i386.rpm ppc: java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.ppc.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.s390.rpm java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.13.0-1jpp.2.el5_9.s390x.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.s390.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.s390x.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.s390.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.s390x.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.s390.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.i386.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.2.el5_9.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.6): i386: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.i686.rpm ppc64: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.ppc.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.ppc64.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.s390x.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.s390x.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.s390.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.s390x.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v.6): i386: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.i686.rpm java-1.6.0-ibm-devel-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.13.0-1jpp.3.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7.References: https://access.redhat.com/security/cve/CVE-2012-1541 https://access.redhat.com/security/cve/CVE-2012-3213 https://access.redhat.com/security/cve/CVE-2012-3342 https://access.redhat.com/security/cve/CVE-2013-0351 https://access.redhat.com/security/cve/CVE-2013-0409 https://access.redhat.com/security/cve/CVE-2013-0419 https://access.redhat.com/security/cve/CVE-2013-0423 https://access.redhat.com/security/cve/CVE-2013-0424 https://access.redhat.com/security/cve/CVE-2013-0425 https://access.redhat.com/security/cve/CVE-2013-0426 https://access.redhat.com/security/cve/CVE-2013-0427 https://access.redhat.com/security/cve/CVE-2013-0428 https://access.redhat.com/security/cve/CVE-2013-0432 https://access.redhat.com/security/cve/CVE-2013-0433 https://access.redhat.com/security/cve/CVE-2013-0434 https://access.redhat.com/security/cve/CVE-2013-0435 https://access.redhat.com/security/cve/CVE-2013-0438 https://access.redhat.com/security/cve/CVE-2013-0440 https://access.redhat.com/security/cve/CVE-2013-0441 https://access.redhat.com/security/cve/CVE-2013-0442 https://access.redhat.com/security/cve/CVE-2013-0443 https://access.redhat.com/security/cve/CVE-2013-0445 https://access.redhat.com/security/cve/CVE-2013-0446 https://access.redhat.com/security/cve/CVE-2013-0450 https://access.redhat.com/security/cve/CVE-2013-0809 https://access.redhat.com/security/cve/CVE-2013-1473 https://access.redhat.com/security/cve/CVE-2013-1476 https://access.redhat.com/security/cve/CVE-2013-1478 https://access.redhat.com/security/cve/CVE-2013-1480 https://access.redhat.com/security/cve/CVE-2013-1481 https://access.redhat.com/security/cve/CVE-2013-1486 https://access.redhat.com/security/cve/CVE-2013-1487 https://access.redhat.com/security/cve/CVE-2013-1493 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4(GNU/Linux) iD8DBQFRPjacXlSAg2UNWIIRAocMAKCHwniGV/DegcuINmJ4h95xUcpABQCeMoZu 7MA85UeOGKgGVLJXvZt6eVk=xr8S -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Essential patch released for java-1.6.0-ibm packages in Red Hat Enterprise Linux resolving various vulnerabilities.. Java Security Fix, Red Hat Updates, Linux Security Solutions. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 11, 2013 Critical Red Hat
Banner 4 1028x280 1708121825 1771600306
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issuered hat

Red Hat: 2013:0624-01 Critical: Java-1.5.0-IBM Security Update

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.5.0-ibm security update Advisory ID: RHSA-2013:0624-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2013:0624.html Issue date: 2013-03-11 CVE Names: CVE-2013-0409 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0440 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-0809 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 CVE-2013-1486 CVE-2013-1493 ==================================================================== 1. Summary: Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM J2SE version 5.0 includes the IBMJava Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-0409, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0440, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0450, CVE-2013-0809, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1493) All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR16 release. All running instances of IBM Java must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907224 -CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 913014 - CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446) 917550 - CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014) 917553 - CVE-2013-1493 OpenJDK: CMM malformed raster memory corruption (2D, 8007675) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v.5): i386: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.i386.rpm x86_64: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.5): i386: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-accessibility-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.i386.rpm ppc: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.ppc64.rpm java-1.5.0-ibm-accessibility-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.ppc.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.ppc64.rpm s390x: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.s390.rpm java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.s390x.rpm java-1.5.0-ibm-accessibility-1.5.0.16.0-1jpp.1.el5_9.s390x.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.s390.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.s390x.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.s390.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el5_9.s390.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.s390.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.s390x.rpm x86_64: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-accessibility-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.i386.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el5_9.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.i686.rpm x86_64: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v.6): i386: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.i686.rpm ppc64: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.ppc64.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.ppc64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.ppc.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.ppc64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.ppc64.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el6_4.ppc.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el6_4.ppc.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.ppc64.rpm s390x: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.s390x.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.s390x.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.s390.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.s390x.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el6_4.s390.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.s390x.rpm x86_64: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v.6): i386: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-jdbc-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-plugin-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.i686.rpm x86_64: java-1.5.0-ibm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-demo-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.i686.rpm java-1.5.0-ibm-devel-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-javacomm-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm java-1.5.0-ibm-src-1.5.0.16.0-1jpp.1.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7.References: https://access.redhat.com/security/cve/CVE-2013-0409 https://access.redhat.com/security/cve/CVE-2013-0424 https://access.redhat.com/security/cve/CVE-2013-0425 https://access.redhat.com/security/cve/CVE-2013-0426 https://access.redhat.com/security/cve/CVE-2013-0427 https://access.redhat.com/security/cve/CVE-2013-0428 https://access.redhat.com/security/cve/CVE-2013-0432 https://access.redhat.com/security/cve/CVE-2013-0433 https://access.redhat.com/security/cve/CVE-2013-0434 https://access.redhat.com/security/cve/CVE-2013-0440 https://access.redhat.com/security/cve/CVE-2013-0442 https://access.redhat.com/security/cve/CVE-2013-0443 https://access.redhat.com/security/cve/CVE-2013-0445 https://access.redhat.com/security/cve/CVE-2013-0450 https://access.redhat.com/security/cve/CVE-2013-0809 https://access.redhat.com/security/cve/CVE-2013-1476 https://access.redhat.com/security/cve/CVE-2013-1478 https://access.redhat.com/security/cve/CVE-2013-1480 https://access.redhat.com/security/cve/CVE-2013-1481 https://access.redhat.com/security/cve/CVE-2013-1486 https://access.redhat.com/security/cve/CVE-2013-1493 https://access.redhat.com/security/updates/classification#critical https://www.ibm.com/support/pages/java-sdk/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2013 Red Hat, Inc. . Urgent patch released for java-1.5.0-ibm components in Red Hat Enterprise Linux to address serious vulnerabilities.. Red Hat Advisory, Java Security Fix, IBM Java Update, Linux Security Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 11, 2013 Critical Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issuered hat

Red Hat 3: RHSA-2010-0574 Critical: Java Update Security Issues

Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.4.2-ibm security update Advisory ID: RHSA-2010:0574-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://access.redhat.com/errata/RHSA-2010:0574.html Issue date: 2010-07-29 CVE Names: CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0091 CVE-2010-0095 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 ==================================================================== 1. Summary: Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 3 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red HatEnterprise Linux ES version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64 3. Description: The IBM 1.4.2 SR13-FP5 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. These vulnerabilities are summarized on the IBM "Security alerts" page listed in the References section. (CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091, CVE-2010-0095, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849) All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM 1.4.2 SR13-FP5 Java release. All running instances of IBM Java must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 575740 - CVE-2010-0084 OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) 575747 - CVE-2010-0085 OpenJDK File TOCTOU deserialization vulnerability (6736390) 575755 - CVE-2010-0088 OpenJDK Inflater/Deflater clone issues (6745393) 575756 - CVE-2010-0091 OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703) 575772 - CVE-2010-0095 OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954) 575846 - CVE-2010-0840 OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) 575854 - CVE-2010-0841 OpenJDK JPEGImageReader stepXInteger Overflow Vulnerability (6909597) 575865 - CVE-2010-0848 OpenJDK AWT Library Invalid Index Vulnerability (6914823) 575871 - CVE-2010-0847 OpenJDK ImagingLib arbitrary code execution vulnerability (6914866) 578430 - CVE-2010-0846 JDK unspecified vulnerability in ImageIO component 578432 - CVE-2010-0849 JDK unspecified vulnerability in Java2D component 578433 - CVE-2010-0087 JDK unspecified vulnerability in JWS/Plugin component 578436 - CVE-2010-0839 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 JDK multiple unspecified vulnerabilities 578440 - CVE-2010-0089 JDK unspecified vulnerability in JavaWS/Plugin component 6. Package List: Red Hat Enterprise Linux AS version 3Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.ppc.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.ppc.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.ppc.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el3.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.ppc.rpm s390: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.s390.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el3.s390.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.s390.rpm s390x: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.s390x.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.x86_64.rpm Red Hat Desktop version 3 Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.x86_64.rpm Red Hat Enterprise LinuxES version 3 Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el3.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el3.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.ppc64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.ppc64.rpm s390: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.s390.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el4.s390.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.s390.rpm s390x: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.s390x.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.x86_64.rpm Red Hat Desktop version 4Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4Extras: i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el4.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.ia64.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el4.x86_64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el4.x86_64.rpm RHEL Desktop Supplementary (v. 5 client): i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.i386.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.x86_64.rpm RHEL Supplementary (v. 5server): i386: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.i386.rpm ia64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.ia64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.ia64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.ia64.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.ia64.rpm ppc: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.ppc64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.ppc.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.ppc64.rpm s390x: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.s390.rpm java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.s390x.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.s390.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.s390x.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.s390.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.s390x.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.s390.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.s390x.rpm x86_64: java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-demo-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-devel-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-javacomm-1.4.2.13.5-1jpp.1.el5.x86_64.rpm java-1.4.2-ibm-jdbc-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-plugin-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.i386.rpm java-1.4.2-ibm-src-1.4.2.13.5-1jpp.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2010-0084 https://access.redhat.com/security/cve/CVE-2010-0085 https://access.redhat.com/security/cve/CVE-2010-0087 https://access.redhat.com/security/cve/CVE-2010-0088 https://access.redhat.com/security/cve/CVE-2010-0089 https://access.redhat.com/security/cve/CVE-2010-0091 https://access.redhat.com/security/cve/CVE-2010-0095 https://access.redhat.com/security/cve/CVE-2010-0839 https://access.redhat.com/security/cve/CVE-2010-0840 https://access.redhat.com/security/cve/CVE-2010-0841 https://access.redhat.com/security/cve/CVE-2010-0842 https://access.redhat.com/security/cve/CVE-2010-0843 https://access.redhat.com/security/cve/CVE-2010-0844 https://access.redhat.com/security/cve/CVE-2010-0846 https://access.redhat.com/security/cve/CVE-2010-0847 https://access.redhat.com/security/cve/CVE-2010-0848 https://access.redhat.com/security/cve/CVE-2010-0849 https://access.redhat.com/security/updates/classification#critical https://www.ibm.com/support/pages/java-sdk/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFMUbAoXlSAg2UNWIIRAljZAKCTMdOpuyHLlD2V5dp87x4ESYdK6QCffwp7 zFChnRrKAolgMa4XUIDh9vc=jmNl -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Important revision for java-1.4.2-ibm on Red Hat tackles several vulnerabilities affecting users.. Java Security Vulnerabilities, Red Hat Updates, IBM Java Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 29, 2010 Critical Red Hat
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here