Action not permitted
Modal body text goes here.
CVE-2016-2183
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:17:50.753Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2017:3113", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "name": "RHSA-2017:0338", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2016-20" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us" }, { "name": "GLSA-201612-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201612-16" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" }, { "tags": [ "x_transferred" ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415" }, { "name": "RHSA-2017:3240", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2016-16" }, { "name": "RHSA-2017:2709", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "name": "92630", "tags": [ "vdb-entry", "x_transferred" ], "url": "http://www.securityfocus.com/bid/92630" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "tags": [ "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171" }, { "name": "RHSA-2017:3239", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "name": "42091", "tags": [ "exploit", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/42091/" }, { "name": "GLSA-201701-65", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-65" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "name": "1036696", "tags": [ "vdb-entry", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036696" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us" }, { "name": "GLSA-201707-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201707-01" }, { "name": "95568", "tags": [ "vdb-entry", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95568" }, { "name": "RHSA-2017:3114", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "tags": [ "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2017-09" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116" }, { "name": "RHSA-2017:1216", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, { "tags": [ "x_transferred" ], "url": "https://wiki.opendaylight.org/view/Security_Advisories" }, { "name": "RHSA-2017:2710", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984" }, { "name": "[tls] 20091120 RC4+3DES rekeying - long-lived TLS connections", "tags": [ "mailing-list", "x_transferred" ], "url": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html" }, { "name": "RHSA-2018:2123", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2123" }, { "name": "RHSA-2017:0337", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html" }, { "name": "RHSA-2017:2708", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "name": "RHSA-2017:0336", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html" }, { "name": "SUSE-SU-2016:2470", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" }, { "name": "RHSA-2017:0462", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0462.html" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" }, { "tags": [ "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759" }, { "tags": [ "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215" }, { "name": "SUSE-SU-2017:2700", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" }, { "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded" }, { "name": "USN-3087-1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3087-1" }, { "name": "SUSE-SU-2016:2469", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680" }, { "name": "openSUSE-SU-2016:2537", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" }, { "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded" }, { "name": "USN-3087-2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3087-2" }, { "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded" }, { "tags": [ "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197" }, { "tags": [ "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186" }, { "name": "SUSE-SU-2017:2699", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" }, { "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849" }, { "name": "openSUSE-SU-2016:2407", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" }, { "tags": [ "x_transferred" ], "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613" }, { "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2017/Jul/31" }, { "name": "USN-3194-1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3194-1" }, { "name": "SUSE-SU-2016:2458", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" }, { "name": "20181113 [security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information", "tags": [ "mailing-list", "x_transferred" ], "url": "https://seclists.org/bugtraq/2018/Nov/21" }, { "tags": [ "x_transferred" ], "url": "https://support.f5.com/csp/article/K13167034" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722" }, { "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded" }, { "name": "DSA-3673", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3673" }, { "name": "openSUSE-SU-2016:2391", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" }, { "name": "USN-3372-1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3372-1" }, { "name": "openSUSE-SU-2018:0458", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" }, { "name": "SUSE-SU-2017:0460", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "name": "SUSE-SU-2017:0490", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html" }, { "name": "USN-3270-1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3270-1" }, { "name": "20170214 [security bulletin] HPESBGN03697 rev.1 - HPE Business Service Management (BSM), Remote Disclosure of Information", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded" }, { "tags": [ "x_transferred" ], "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178" }, { "name": "SUSE-SU-2016:2387", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" }, { "name": "20170529 SSD Advisory - IBM Informix Dynamic Server and Informix Open Admin Tool Multiple Vulnerabilities", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2017/May/105" }, { "name": "openSUSE-SU-2017:0513", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448" }, { "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded" }, { "name": "openSUSE-SU-2017:0374", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html" }, { "name": "SUSE-SU-2016:2468", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" }, { "name": "SUSE-SU-2017:0346", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html" }, { "name": "openSUSE-SU-2016:2496", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" }, { "name": "USN-3198-1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3198-1" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2017/May/105" }, { "tags": [ "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403" }, { "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded" }, { "name": "SUSE-SU-2017:1444", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html" }, { "name": "SUSE-SU-2016:2394", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" }, { "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded" }, { "name": "USN-3179-1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3179-1" }, { "tags": [ "x_transferred" ], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" }, { "name": "RHSA-2019:1245", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "name": "RHSA-2019:2859", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "name": "RHSA-2020:0451", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, { "tags": [ "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "tags": [ "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "tags": [ "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "tags": [ "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "tags": [ "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "tags": [ "x_transferred" ], "url": "https://sweet32.info/" }, { "tags": [ "x_transferred" ], "url": "http://www.splunk.com/view/SP-CAAAPUE" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "tags": [ "x_transferred" ], "url": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/" }, { "tags": [ "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/articles/2548661" }, { "tags": [ "x_transferred" ], "url": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue" }, { "tags": [ "x_transferred" ], "url": "http://www.splunk.com/view/SP-CAAAPSV" }, { "tags": [ "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633" }, { "tags": [ "x_transferred" ], "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" }, { "tags": [ "x_transferred" ], "url": "https://www.sigsac.org/ccs/CCS2016/accepted-papers/" }, { "tags": [ "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482" }, { "tags": [ "x_transferred" ], "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2016-2183" }, { "tags": [ "x_transferred" ], "url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/" }, { "tags": [ "x_transferred" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "tags": [ "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "tags": [ "x_transferred" ], "url": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/" }, { "tags": [ "x_transferred" ], "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008" }, { "tags": [ "x_transferred" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-08-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-13T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2017:3113", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "name": "RHSA-2017:0338", "tags": [ "vendor-advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html" }, { "url": "https://www.tenable.com/security/tns-2016-20" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us" }, { "name": "GLSA-201612-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/201612-16" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" }, { "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415" }, { "name": "RHSA-2017:3240", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "url": "https://www.tenable.com/security/tns-2016-16" }, { "name": "RHSA-2017:2709", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "name": "92630", "tags": [ "vdb-entry" ], "url": "http://www.securityfocus.com/bid/92630" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499" }, { "url": "https://www.tenable.com/security/tns-2016-21" }, { "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171" }, { "name": "RHSA-2017:3239", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "name": "42091", "tags": [ "exploit" ], "url": "https://www.exploit-db.com/exploits/42091/" }, { "name": "GLSA-201701-65", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/201701-65" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "name": "1036696", "tags": [ "vdb-entry" ], "url": "http://www.securitytracker.com/id/1036696" }, { "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us" }, { "name": "GLSA-201707-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/201707-01" }, { "name": "95568", "tags": [ "vdb-entry" ], "url": "http://www.securityfocus.com/bid/95568" }, { "name": "RHSA-2017:3114", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "url": "https://www.tenable.com/security/tns-2017-09" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116" }, { "name": "RHSA-2017:1216", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, { "url": "https://wiki.opendaylight.org/view/Security_Advisories" }, { "name": "RHSA-2017:2710", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984" }, { "name": "[tls] 20091120 RC4+3DES rekeying - long-lived TLS connections", "tags": [ "mailing-list" ], "url": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html" }, { "name": "RHSA-2018:2123", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2123" }, { "name": "RHSA-2017:0337", "tags": [ "vendor-advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html" }, { "name": "RHSA-2017:2708", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "name": "RHSA-2017:0336", "tags": [ "vendor-advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html" }, { "name": "SUSE-SU-2016:2470", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" }, { "name": "RHSA-2017:0462", "tags": [ "vendor-advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0462.html" }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" }, { "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759" }, { "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215" }, { "name": "SUSE-SU-2017:2700", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" }, { "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded" }, { "name": "USN-3087-1", "tags": [ "vendor-advisory" ], "url": "http://www.ubuntu.com/usn/USN-3087-1" }, { "name": "SUSE-SU-2016:2469", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680" }, { "name": "openSUSE-SU-2016:2537", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" }, { "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded" }, { "name": "USN-3087-2", "tags": [ "vendor-advisory" ], "url": "http://www.ubuntu.com/usn/USN-3087-2" }, { "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded" }, { "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197" }, { "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186" }, { "name": "SUSE-SU-2017:2699", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" }, { "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849" }, { "name": "openSUSE-SU-2016:2407", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" }, { "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613" }, { "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2017/Jul/31" }, { "name": "USN-3194-1", "tags": [ "vendor-advisory" ], "url": "http://www.ubuntu.com/usn/USN-3194-1" }, { "name": "SUSE-SU-2016:2458", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" }, { "name": "20181113 [security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information", "tags": [ "mailing-list" ], "url": "https://seclists.org/bugtraq/2018/Nov/21" }, { "url": "https://support.f5.com/csp/article/K13167034" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722" }, { "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded" }, { "name": "DSA-3673", "tags": [ "vendor-advisory" ], "url": "http://www.debian.org/security/2016/dsa-3673" }, { "name": "openSUSE-SU-2016:2391", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" }, { "name": "USN-3372-1", "tags": [ "vendor-advisory" ], "url": "http://www.ubuntu.com/usn/USN-3372-1" }, { "name": "openSUSE-SU-2018:0458", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" }, { "name": "SUSE-SU-2017:0460", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "name": "SUSE-SU-2017:0490", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html" }, { "name": "USN-3270-1", "tags": [ "vendor-advisory" ], "url": "http://www.ubuntu.com/usn/USN-3270-1" }, { "name": "20170214 [security bulletin] HPESBGN03697 rev.1 - HPE Business Service Management (BSM), Remote Disclosure of Information", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded" }, { "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178" }, { "name": "SUSE-SU-2016:2387", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" }, { "name": "20170529 SSD Advisory - IBM Informix Dynamic Server and Informix Open Admin Tool Multiple Vulnerabilities", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2017/May/105" }, { "name": "openSUSE-SU-2017:0513", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448" }, { "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded" }, { "name": "openSUSE-SU-2017:0374", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415" }, { "url": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html" }, { "name": "SUSE-SU-2016:2468", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" }, { "name": "SUSE-SU-2017:0346", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html" }, { "name": "openSUSE-SU-2016:2496", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" }, { "name": "USN-3198-1", "tags": [ "vendor-advisory" ], "url": "http://www.ubuntu.com/usn/USN-3198-1" }, { "url": "http://seclists.org/fulldisclosure/2017/May/105" }, { "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403" }, { "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded" }, { "name": "SUSE-SU-2017:1444", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html" }, { "name": "SUSE-SU-2016:2394", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" }, { "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", "tags": [ "mailing-list" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded" }, { "name": "USN-3179-1", "tags": [ "vendor-advisory" ], "url": "http://www.ubuntu.com/usn/USN-3179-1" }, { "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" }, { "name": "RHSA-2019:1245", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "name": "RHSA-2019:2859", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "name": "RHSA-2020:0451", "tags": [ "vendor-advisory" ], "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, { "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "url": "https://sweet32.info/" }, { "url": "http://www.splunk.com/view/SP-CAAAPUE" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "url": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/" }, { "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "url": "https://access.redhat.com/articles/2548661" }, { "url": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue" }, { "url": "http://www.splunk.com/view/SP-CAAAPSV" }, { "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "url": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633" }, { "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" }, { "url": "https://www.sigsac.org/ccs/CCS2016/accepted-papers/" }, { "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482" }, { "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/" }, { "url": "https://access.redhat.com/security/cve/cve-2016-2183" }, { "url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/" }, { "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "url": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/" }, { "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008" }, { "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-2183", "datePublished": "2016-09-01T00:00:00", "dateReserved": "2016-01-29T00:00:00", "dateUpdated": "2024-08-05T23:17:50.753Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2016-2183\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-09-01T00:59:00.137\",\"lastModified\":\"2023-02-12T23:17:38.140\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \\\"Sweet32\\\" attack.\"},{\"lang\":\"es\",\"value\":\"Los cifrados DES y Triple DES, como se usan en los protocolos TLS, SSH e IPSec y otros protocolos y productos, tienen una cota de cumplea\u00f1os de aproximadamente cuatro mil millones de bloques, lo que facilita a atacantes remotos obtener datos de texto plano a trav\u00e9s de un ataque de cumplea\u00f1os contra una sesi\u00f3n cifrada de larga duraci\u00f3n, seg\u00fan lo demostrado por una sesi\u00f3n HTTPS usando Triple DES en modo CBC, tambi\u00e9n conocido como un ataque \\\"Sweet32\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14259BF1-3601-4BF1-A591-FC4DE1639C57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"681173DF-537E-4A64-8FC7-75F439CCAD0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54EB07A0-FB38-4F17-9C8D-DB629967F07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndExcluding\":\"2.7.13\",\"matchCriteriaId\":\"23F7B6BD-821B-4355-8C81-CEA6079B9A85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0\",\"versionEndExcluding\":\"3.4.7\",\"matchCriteriaId\":\"E65C03FE-52E0-477A-A104-8F2CC0EEE753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5.0\",\"versionEndExcluding\":\"3.5.3\",\"matchCriteriaId\":\"35B35EBF-9EA0-4BB4-B868-600D2BAA9790\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:content_security_management_appliance:9.6.6-068:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FA04185-D9B6-4ED0-9D23-7642BF0228F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:content_security_management_appliance:9.7.0-006:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61A1AF3-CE0F-4744-A11A-57DE1ABC7CC6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C684FB18-FDDC-4BED-A28C-C23EE6CD0094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74A79A7-4FAF-4C81-8622-050008B96AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDACCB9-8D61-49EE-9957-9E58BC7BB031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4993DD56-F9E3-4AC8-AC3E-BF204B950DEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E884B241-F9C3-44F8-A420-DE65F5F3D660\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A383620-B4F7-44A7-85DA-A4FF2E115D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F0C6812-F455-49CF-B29B-9AC00306DA43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F2D462C-A1B4-4572-A615-BDE9DC5F1E55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3703E445-17C0-4C85-A496-A35641C0C8DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F4034B9-EF1C-40E6-B92A-D4D7B7E7E774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABEC1927-F469-4B9E-B544-DA6CF90F0B34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE2188F9-FAF8-4A0C-BB49-E95BDBC119BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9EC827B-5313-47D7-BF49-CFF033CF3D53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A438E65F-33B1-46BC-AD93-200DCC6B43D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFDCF78-62C1-429E-A43C-0C9FEC14837D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A0B4DEF-C6E8-4243-9893-6E650013600C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E28CD4F7-522F-4ECA-9035-228596CDE769\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF4953B-BB23-4C80-8C48-9E94EB234AAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60F946FD-F564-49DA-B043-5943308BA9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B89180B-FB68-4DD8-B076-16E51CC7FB91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C986592-4086-4A39-9767-EF34DBAA6A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B23181C-03DB-4E92-B3F6-6B585B5231B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94D9EC1C-4843-4026-9B05-E060E9391734\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036FB24F-7D86-4730-8BC9-722875BEC807\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5100F5C8-D5F8-466B-AABE-E42B3770B39D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F3C58EE-B36B-4081-A307-0FE9B52D8E62\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.10.0\",\"versionEndExcluding\":\"0.10.47\",\"matchCriteriaId\":\"BACF673F-7ADA-4D70-9BA9-2F5252E3467A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.12.0\",\"versionEndExcluding\":\"0.12.16\",\"matchCriteriaId\":\"CF8D1AA1-18BE-4134-883E-97CE3E729CBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.1.2\",\"matchCriteriaId\":\"8B5C9903-298B-4084-A505-E60A00A63558\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.6.0\",\"matchCriteriaId\":\"303F780C-C971-4216-86D6-5026AAD56279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.7.0\",\"matchCriteriaId\":\"8291D42E-9E50-414D-9752-D70906D512B2\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0336.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0337.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0338.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0462.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2017/Jul/31\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2017/May/105\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21991482\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21995039\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3673\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/539885/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/540341/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/541104/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/542005/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/92630\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/95568\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036696\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.splunk.com/view/SP-CAAAPSV\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.splunk.com/view/SP-CAAAPUE\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3087-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3087-2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3179-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3194-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3198-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3270-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3372-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/articles/2548661\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1216\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2708\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2709\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2710\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3113\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3114\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3239\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3240\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2123\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1245\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2859\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0451\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2016-2183\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Press/Media Coverage\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa133\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1369383\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Press/Media Coverage\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2018/Nov/21\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201612-16\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-65\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201707-01\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20160915-0001/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20170119-0001/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K13167034\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sweet32.info/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://wiki.opendaylight.org/view/Security_Advisories\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/42091/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.ietf.org/mail-archive/web/tls/current/msg04560.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Press/Media Coverage\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/blog/blog/2016/08/24/sweet32/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mitigation\",\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.sigsac.org/ccs/CCS2016/accepted-papers/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-16\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-20\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-21\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2017-09\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2017_3239
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 21st November 2017]\nPreviously, this erratum was marked as a replacement of the JBoss Enterprise Application Platform 6.4.16 Natives. This was incorrect; the erratum is an update, not a replacement. The erratum text has been modified to reflect this.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release provides an update to httpd and OpenSSL. The updates are documented in the Release Notes document linked to in the References.\n\nThe httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nThis release of JBoss Enterprise Application Platform 6.4.18 Natives serves as an update to the JBoss Enterprise Application Platform 6.4.16 Natives and includes bug fixes which are documented in the Release Notes document linked to in the References.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 Natives are advised to upgrade to these updated packages.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1508880)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1508884)\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1508885)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:3239", "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/", "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "https://access.redhat.com/articles/3229231", "url": "https://access.redhat.com/articles/3229231" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "1508880", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508880" }, { "category": "external", "summary": "1508884", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508884" }, { "category": "external", "summary": "1508885", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508885" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3239.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.18 security update", "tracking": { "current_release_date": "2024-09-15T19:53:51+00:00", "generator": { "date": "2024-09-15T19:53:51+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:3239", "initial_release_date": "2017-11-16T19:10:21+00:00", "revision_history": [ { "date": "2017-11-16T19:10:21+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-11-21T18:05:17+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-15T19:53:51+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product_id": "Red Hat JBoss Enterprise Application Platform 6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-3560", "discovery_date": "2009-11-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533174" } ], "notes": [ { "category": "description", "text": "The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.", "title": "Vulnerability description" }, { "category": "summary", "text": "expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3560" }, { "category": "external", "summary": "RHBZ#533174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3560", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3560" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3560", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3560" } ], "release_date": "2009-12-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3239" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences" }, { "cve": "CVE-2009-3720", "discovery_date": "2009-08-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "531697" } ], "notes": [ { "category": "description", "text": "The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.", "title": "Vulnerability description" }, { "category": "summary", "text": "expat: buffer over-read and crash on XML with malformed UTF-8 sequences", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3720" }, { "category": "external", "summary": "RHBZ#531697", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3720", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3720" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3720", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3720" } ], "release_date": "2009-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3239" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "expat: buffer over-read and crash on XML with malformed UTF-8 sequences" }, { "cve": "CVE-2012-0876", "cwe": { "id": "CWE-407", "name": "Inefficient Algorithmic Complexity" }, "discovery_date": "2012-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "786617" } ], "notes": [ { "category": "description", "text": "A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.", "title": "Vulnerability description" }, { "category": "summary", "text": "expat: hash table collisions CPU usage DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0876" }, { "category": "external", "summary": "RHBZ#786617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=786617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0876", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0876" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0876", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0876" } ], "release_date": "2012-03-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3239" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "expat: hash table collisions CPU usage DoS" }, { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2017-9788", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1470748" } ], "notes": [ { "category": "description", "text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Uninitialized memory reflection in mod_auth_digest", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9788" }, { "category": "external", "summary": "RHBZ#1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34", "url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27" } ], "release_date": "2017-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "category": "workaround", "details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "httpd: Uninitialized memory reflection in mod_auth_digest" }, { "acknowledgments": [ { "names": [ "Hanno B\u00f6ck" ] } ], "cve": "CVE-2017-9798", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490344" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9798" }, { "category": "external", "summary": "RHBZ#1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9798" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798" }, { "category": "external", "summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html", "url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html" } ], "release_date": "2017-09-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "category": "workaround", "details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)" } ] }
rhsa-2017_3113
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:3113", "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/articles/3227901", "url": "https://access.redhat.com/articles/3227901" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "1493075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493075" }, { "category": "external", "summary": "1493220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220" }, { "category": "external", "summary": "1494283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3113.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update", "tracking": { "current_release_date": "2024-09-16T00:25:25+00:00", "generator": { "date": "2024-09-16T00:25:25+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:3113", "initial_release_date": "2017-11-02T19:15:44+00:00", "revision_history": [ { "date": "2017-11-02T19:15:44+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-11-02T19:15:44+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-16T00:25:25+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "product_id": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "product": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "product_id": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "product": { "name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "product_id": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl22@2.2.26-58.ep6.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-manual@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "product_id": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap22@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-debuginfo@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-tools@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-devel@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "product": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "product_id": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "product": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "product_id": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "httpd-0:2.2.26-57.ep6.el6.src", "product": { "name": "httpd-0:2.2.26-57.ep6.el6.src", "product_id": "httpd-0:2.2.26-57.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "product": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "product": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "httpd22-0:2.2.26-58.ep6.el7.src", "product": { "name": "httpd22-0:2.2.26-58.ep6.el7.src", "product_id": "httpd22-0:2.2.26-58.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "product": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "product": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_id": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "product": { "name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_id": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-28_patch_05.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_id": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-19_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "product": { "name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_id": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-28_patch_05.ep6.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.2.26-57.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src" }, "product_reference": "httpd-0:2.2.26-57.ep6.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386" }, "product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src" }, "product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src" }, "product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch" }, "product_reference": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-0:2.2.26-58.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src" }, "product_reference": "httpd22-0:2.2.26-58.ep6.el7.src", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src" }, "product_reference": "tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src" }, "product_reference": "tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" }, "product_reference": "tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2017-9788", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1470748" } ], "notes": [ { "category": "description", "text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Uninitialized memory reflection in mod_auth_digest", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9788" }, { "category": "external", "summary": "RHBZ#1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34", "url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27" } ], "release_date": "2017-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "workaround", "details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "httpd: Uninitialized memory reflection in mod_auth_digest" }, { "acknowledgments": [ { "names": [ "Hanno B\u00f6ck" ] } ], "cve": "CVE-2017-9798", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490344" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9798" }, { "category": "external", "summary": "RHBZ#1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9798" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798" }, { "category": "external", "summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html", "url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html" } ], "release_date": "2017-09-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "workaround", "details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)" }, { "cve": "CVE-2017-12615", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1493220" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Remote Code Execution via JSP Upload", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12615" }, { "category": "external", "summary": "RHBZ#1493220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2017-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "workaround", "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-25T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Remote Code Execution via JSP Upload" }, { "cve": "CVE-2017-12617", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1494283" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Remote Code Execution bypass for CVE-2017-12615", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12617" }, { "category": "external", "summary": "RHBZ#1494283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12617" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html", "url": "https://tomcat.apache.org/security-7.html" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html", "url": "https://tomcat.apache.org/security-8.html" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2017-09-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "workaround", "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.", "product_ids": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEWS-2:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEWS-2:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el6.noarch", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEWS-2:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEWS-2:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-19_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-19_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-28_patch_05.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-28_patch_05.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-28_patch_05.ep6.el7.noarch" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-25T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Remote Code Execution bypass for CVE-2017-12615" } ] }
rhsa-2017_0337
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7 SR10-FP1.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:0337", "url": "https://access.redhat.com/errata/RHSA-2017:0337" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/", "url": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "1413562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562" }, { "category": "external", "summary": "1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "1413764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764" }, { "category": "external", "summary": "1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_0337.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-ibm security update", "tracking": { "current_release_date": "2024-09-13T11:58:15+00:00", "generator": { "date": "2024-09-13T11:58:15+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:0337", "initial_release_date": "2017-02-28T08:19:27+00:00", "revision_history": [ { "date": "2017-02-28T08:19:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-02-28T08:19:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:58:15+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_id": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.10.1-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.10.1-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.10.1-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_id": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-plugin@1.7.0.10.1-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.10.1-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_id": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.10.1-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_id": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.10.1-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.10.1-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.10.1-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_id": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-plugin@1.7.0.10.1-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.10.1-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_id": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.10.1-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_id": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.10.1-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.10.1-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.10.1-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_id": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-plugin@1.7.0.10.1-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.10.1-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_id": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.10.1-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_id": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.10.1-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.10.1-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.10.1-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.10.1-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_id": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.10.1-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_id": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.10.1-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.10.1-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.10.1-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.10.1-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_id": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.10.1-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_id": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.10.1-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.10.1-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.10.1-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.10.1-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_id": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.10.1-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2016-5546", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413911" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5546" }, { "category": "external", "summary": "RHBZ#1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5546", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5546" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)" }, { "cve": "CVE-2016-5547", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413764" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5547" }, { "category": "external", "summary": "RHBZ#1413764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5547", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)" }, { "cve": "CVE-2016-5548", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413920" } ], "notes": [ { "category": "description", "text": "A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5548" }, { "category": "external", "summary": "RHBZ#1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5548", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)" }, { "cve": "CVE-2016-5549", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413923" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5549" }, { "category": "external", "summary": "RHBZ#1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5549", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5549" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)" }, { "cve": "CVE-2016-5552", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413882" } ], "notes": [ { "category": "description", "text": "It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5552" }, { "category": "external", "summary": "RHBZ#1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5552", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5552" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)" }, { "cve": "CVE-2017-3231", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413717" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3231" }, { "category": "external", "summary": "RHBZ#1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3231", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3231" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)" }, { "cve": "CVE-2017-3241", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413955" } ], "notes": [ { "category": "description", "text": "It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3241" }, { "category": "external", "summary": "RHBZ#1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3241", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3241" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)" }, { "cve": "CVE-2017-3252", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413906" } ], "notes": [ { "category": "description", "text": "It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3252" }, { "category": "external", "summary": "RHBZ#1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3252", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3252" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)" }, { "cve": "CVE-2017-3253", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413583" } ], "notes": [ { "category": "description", "text": "It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3253" }, { "category": "external", "summary": "RHBZ#1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3253", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)" }, { "cve": "CVE-2017-3259", "discovery_date": "2017-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1414163" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3259" }, { "category": "external", "summary": "RHBZ#1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3259", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3259" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)" }, { "cve": "CVE-2017-3261", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413653" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3261" }, { "category": "external", "summary": "RHBZ#1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3261", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3261" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)" }, { "cve": "CVE-2017-3272", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413554" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3272" }, { "category": "external", "summary": "RHBZ#1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3272", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3272" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)" }, { "cve": "CVE-2017-3289", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413562" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure class construction (Hotspot, 8167104)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3289" }, { "category": "external", "summary": "RHBZ#1413562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3289", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3289" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0337" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-demo-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-devel-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-jdbc-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-plugin-1:1.7.0.10.1-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.7.0-ibm-src-1:1.7.0.10.1-1jpp.1.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insecure class construction (Hotspot, 8167104)" } ] }
rhsa-2017_3114
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)\n\n* The jboss-ews-application-servers zip README contains incomplete description of fixed CVEs (BZ#1497953)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:3114", "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2" }, { "category": "external", "summary": "https://access.redhat.com/articles/3227901", "url": "https://access.redhat.com/articles/3227901" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "1493075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493075" }, { "category": "external", "summary": "1493220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220" }, { "category": "external", "summary": "1494283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283" }, { "category": "external", "summary": "1497953", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497953" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3114.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Web Server security and bug fix update", "tracking": { "current_release_date": "2024-09-16T00:25:31+00:00", "generator": { "date": "2024-09-16T00:25:31+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:3114", "initial_release_date": "2017-11-02T19:04:48+00:00", "revision_history": [ { "date": "2017-11-02T19:04:48+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-11-02T19:04:48+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-16T00:25:31+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Web Server 2.1", "product": { "name": "Red Hat JBoss Web Server 2.1", "product_id": "Red Hat JBoss Web Server 2.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Web Server 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "Red Hat JBoss Web Server 2.1" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Web Server 2.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2017-9788", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1470748" } ], "notes": [ { "category": "description", "text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Uninitialized memory reflection in mod_auth_digest", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9788" }, { "category": "external", "summary": "RHBZ#1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34", "url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27" } ], "release_date": "2017-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Web Server 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "workaround", "details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.", "product_ids": [ "Red Hat JBoss Web Server 2.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Web Server 2.1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "httpd: Uninitialized memory reflection in mod_auth_digest" }, { "acknowledgments": [ { "names": [ "Hanno B\u00f6ck" ] } ], "cve": "CVE-2017-9798", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490344" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9798" }, { "category": "external", "summary": "RHBZ#1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9798" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798" }, { "category": "external", "summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html", "url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html" } ], "release_date": "2017-09-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Web Server 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "workaround", "details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18", "product_ids": [ "Red Hat JBoss Web Server 2.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Web Server 2.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)" }, { "cve": "CVE-2017-12615", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1493220" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Remote Code Execution via JSP Upload", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12615" }, { "category": "external", "summary": "RHBZ#1493220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2017-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Web Server 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "workaround", "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.", "product_ids": [ "Red Hat JBoss Web Server 2.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss Web Server 2.1" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-25T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Remote Code Execution via JSP Upload" }, { "cve": "CVE-2017-12617", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1494283" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Remote Code Execution bypass for CVE-2017-12615", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12617" }, { "category": "external", "summary": "RHBZ#1494283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12617" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html", "url": "https://tomcat.apache.org/security-7.html" }, { "category": "external", "summary": "https://tomcat.apache.org/security-8.html", "url": "https://tomcat.apache.org/security-8.html" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2017-09-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss Web Server 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "workaround", "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.", "product_ids": [ "Red Hat JBoss Web Server 2.1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss Web Server 2.1" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-25T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "tomcat: Remote Code Execution bypass for CVE-2017-12615" } ] }
rhsa-2017_0462
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR4-FP1.\n\nSecurity Fix(es):\n\n* This update fixes a vulnerability in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about this flaw can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:0462", "url": "https://access.redhat.com/errata/RHSA-2017:0462" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/", "url": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_0462.json" } ], "title": "Red Hat Security Advisory: java-1.8.0-ibm security update", "tracking": { "current_release_date": "2024-09-13T11:33:46+00:00", "generator": { "date": "2024-09-13T11:33:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:0462", "initial_release_date": "2017-03-08T13:22:53+00:00", "revision_history": [ { "date": "2017-03-08T13:22:53+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-03-08T13:22:53+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:33:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.2.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.2.el7?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.2.el7?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.2.el7?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.2.el7?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.2.el7?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0462" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" } ] }
rhsa-2017_0338
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 6 to version 6 SR16-FP41.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3272)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:0338", "url": "https://access.redhat.com/errata/RHSA-2017:0338" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/", "url": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_0338.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-ibm security update", "tracking": { "current_release_date": "2024-09-13T11:58:20+00:00", "generator": { "date": "2024-09-13T11:58:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:0338", "initial_release_date": "2017-02-28T08:29:25+00:00", "revision_history": [ { "date": "2017-02-28T08:29:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-02-28T08:29:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:58:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.16.41-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.16.41-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el5_11?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.16.41-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.16.41-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.16.41-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.16.41-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el5_11?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.16.41-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el5_11?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.16.41-1jpp.1.el5_11?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el5_11?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.16.41-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_id": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.16.41-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.16.41-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.16.41-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_id": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.16.41-1jpp.1.el5_11?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2016-5546", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413911" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5546" }, { "category": "external", "summary": "RHBZ#1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5546", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5546" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)" }, { "cve": "CVE-2016-5548", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413920" } ], "notes": [ { "category": "description", "text": "A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5548" }, { "category": "external", "summary": "RHBZ#1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5548", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)" }, { "cve": "CVE-2016-5549", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413923" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5549" }, { "category": "external", "summary": "RHBZ#1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5549", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5549" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)" }, { "cve": "CVE-2016-5552", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413882" } ], "notes": [ { "category": "description", "text": "It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5552" }, { "category": "external", "summary": "RHBZ#1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5552", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5552" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)" }, { "cve": "CVE-2017-3231", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413717" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3231" }, { "category": "external", "summary": "RHBZ#1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3231", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3231" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)" }, { "cve": "CVE-2017-3241", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413955" } ], "notes": [ { "category": "description", "text": "It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3241" }, { "category": "external", "summary": "RHBZ#1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3241", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3241" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)" }, { "cve": "CVE-2017-3252", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413906" } ], "notes": [ { "category": "description", "text": "It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3252" }, { "category": "external", "summary": "RHBZ#1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3252", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3252" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)" }, { "cve": "CVE-2017-3253", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413583" } ], "notes": [ { "category": "description", "text": "It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3253" }, { "category": "external", "summary": "RHBZ#1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3253", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)" }, { "cve": "CVE-2017-3259", "discovery_date": "2017-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1414163" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3259" }, { "category": "external", "summary": "RHBZ#1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3259", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3259" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)" }, { "cve": "CVE-2017-3261", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413653" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3261" }, { "category": "external", "summary": "RHBZ#1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3261", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3261" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)" }, { "cve": "CVE-2017-3272", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413554" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3272" }, { "category": "external", "summary": "RHBZ#1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3272", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3272" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0338" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Client-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-accessibility-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.i386", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.ppc64", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.s390x", "5Server-Supplementary-5.11.Z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el5_11.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-demo-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-devel-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-javacomm-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-jdbc-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-plugin-1:1.6.0.16.41-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.6.0-ibm-src-1:1.6.0.16.41-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)" } ] }
rhsa-2017_1216
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.1-ibm is now available for Red Hat\nSatellite 5.7 and Red Hat Satellite 5.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP1.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183, CVE-2017-3272, CVE-2017-3289, CVE-2017-3253, CVE-2017-3261, CVE-2017-3231, CVE-2016-5547, CVE-2016-5552, CVE-2017-3252, CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2017-3241, CVE-2017-3259, CVE-2016-5573, CVE-2016-5554, CVE-2016-5542, CVE-2016-5597, CVE-2016-5556, CVE-2016-3598, CVE-2016-3511, CVE-2016-0363, CVE-2016-0686, CVE-2016-0687, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449, CVE-2016-3422, CVE-2016-0376, CVE-2016-0264)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:1216", "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1324044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044" }, { "category": "external", "summary": "1327743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743" }, { "category": "external", "summary": "1327749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749" }, { "category": "external", "summary": "1328059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059" }, { "category": "external", "summary": "1328210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210" }, { "category": "external", "summary": "1328618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618" }, { "category": "external", "summary": "1328619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619" }, { "category": "external", "summary": "1328620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620" }, { "category": "external", "summary": "1330986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986" }, { "category": "external", "summary": "1331359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359" }, { "category": "external", "summary": "1356971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356971" }, { "category": "external", "summary": "1358168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358168" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1385544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385544" }, { "category": "external", "summary": "1385714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385714" }, { "category": "external", "summary": "1385723", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385723" }, { "category": "external", "summary": "1386103", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1386103" }, { "category": "external", "summary": "1386408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1386408" }, { "category": "external", "summary": "1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "1413562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562" }, { "category": "external", "summary": "1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "1413764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764" }, { "category": "external", "summary": "1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_1216.json" } ], "title": "Red Hat Security Advisory: java-1.7.1-ibm security update", "tracking": { "current_release_date": "2024-09-15T23:45:52+00:00", "generator": { "date": "2024-09-15T23:45:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:1216", "initial_release_date": "2017-05-09T16:41:26+00:00", "revision_history": [ { "date": "2017-05-09T16:41:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-05-09T16:41:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-15T23:45:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.6::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.7::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.1.el6_8?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)", "product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Satellite56" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Satellite57" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-0264", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2016-04-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1331359" } ], "notes": [ { "category": "description", "text": "Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: buffer overflow vulnerability in the IBM JVM", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0264" }, { "category": "external", "summary": "RHBZ#1331359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331359" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0264", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0264" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0264" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016" } ], "release_date": "2016-04-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: buffer overflow vulnerability in the IBM JVM" }, { "cve": "CVE-2016-0363", "discovery_date": "2016-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1324044" } ], "notes": [ { "category": "description", "text": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0363" }, { "category": "external", "summary": "RHBZ#1324044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324044" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0363", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0363" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016" } ], "release_date": "2016-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix" }, { "cve": "CVE-2016-0376", "discovery_date": "2016-04-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1330986" } ], "notes": [ { "category": "description", "text": "The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0376" }, { "category": "external", "summary": "RHBZ#1330986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330986" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0376", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0376" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0376" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_April_2016" } ], "release_date": "2016-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix" }, { "cve": "CVE-2016-0686", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1327743" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0686" }, { "category": "external", "summary": "RHBZ#1327743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327743" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0686", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0686" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0686" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient thread consistency checks in ObjectInputStream (Serialization, 8129952)" }, { "cve": "CVE-2016-0687", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1327749" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-0687" }, { "category": "external", "summary": "RHBZ#1327749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327749" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-0687", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0687" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0687" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient byte type checks (Hotspot, 8132051)" }, { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2016-3422", "discovery_date": "2016-04-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328620" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3422" }, { "category": "external", "summary": "RHBZ#1328620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328620" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3422", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3422" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)" }, { "cve": "CVE-2016-3426", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328059" } ], "notes": [ { "category": "description", "text": "It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3426" }, { "category": "external", "summary": "RHBZ#1328059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3426", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3426" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3426" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: non-constant time GCM authentication tag comparison (JCE, 8143945)" }, { "cve": "CVE-2016-3427", "discovery_date": "2016-04-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328210" } ], "notes": [ { "category": "description", "text": "It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3427" }, { "category": "external", "summary": "RHBZ#1328210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3427", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3427" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3427" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-05-12T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: unrestricted deserialization of authentication credentials (JMX, 8144430)" }, { "cve": "CVE-2016-3443", "discovery_date": "2016-04-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328618" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3443" }, { "category": "external", "summary": "RHBZ#1328618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328618" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3443", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3443" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3443" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)" }, { "cve": "CVE-2016-3449", "discovery_date": "2016-04-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1328619" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3449" }, { "category": "external", "summary": "RHBZ#1328619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3449", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3449" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3449" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixJAVA" } ], "release_date": "2016-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (Deployment)" }, { "cve": "CVE-2016-3511", "discovery_date": "2016-07-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1358168" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3511" }, { "category": "external", "summary": "RHBZ#1358168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3511", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3511" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3511", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3511" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA" } ], "release_date": "2016-07-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)" }, { "cve": "CVE-2016-3598", "discovery_date": "2016-06-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1356971" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-3598" }, { "category": "external", "summary": "RHBZ#1356971", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356971" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-3598", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3598" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3598", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3598" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA" } ], "release_date": "2016-07-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)" }, { "cve": "CVE-2016-5542", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1385723" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5542" }, { "category": "external", "summary": "RHBZ#1385723", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385723" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5542", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5542" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5542", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5542" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA" } ], "release_date": "2016-10-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)" }, { "cve": "CVE-2016-5546", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413911" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5546" }, { "category": "external", "summary": "RHBZ#1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5546", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5546" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)" }, { "cve": "CVE-2016-5547", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413764" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5547" }, { "category": "external", "summary": "RHBZ#1413764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5547", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)" }, { "cve": "CVE-2016-5548", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413920" } ], "notes": [ { "category": "description", "text": "A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5548" }, { "category": "external", "summary": "RHBZ#1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5548", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)" }, { "cve": "CVE-2016-5549", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413923" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5549" }, { "category": "external", "summary": "RHBZ#1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5549", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5549" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)" }, { "cve": "CVE-2016-5552", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413882" } ], "notes": [ { "category": "description", "text": "It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5552" }, { "category": "external", "summary": "RHBZ#1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5552", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5552" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)" }, { "cve": "CVE-2016-5554", "discovery_date": "2016-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1385714" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5554" }, { "category": "external", "summary": "RHBZ#1385714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385714" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5554", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5554" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5554", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5554" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA" } ], "release_date": "2016-10-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739)" }, { "cve": "CVE-2016-5556", "discovery_date": "2016-10-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1386408" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u131, 7u121, and 8u111 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5556" }, { "category": "external", "summary": "RHBZ#1386408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1386408" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5556", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5556" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5556", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5556" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA" } ], "release_date": "2016-10-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u131, 7u121, and 8u111 (2D)" }, { "cve": "CVE-2016-5573", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2016-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1385544" } ], "notes": [ { "category": "description", "text": "It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim\u0027s browser send HTTP requests to the JDWP port of the debugged application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5573" }, { "category": "external", "summary": "RHBZ#1385544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385544" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5573", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5573" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5573", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5573" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA" } ], "release_date": "2016-10-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)" }, { "cve": "CVE-2016-5597", "cwe": { "id": "CWE-319", "name": "Cleartext Transmission of Sensitive Information" }, "discovery_date": "2016-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1386103" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5597" }, { "category": "external", "summary": "RHBZ#1386103", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1386103" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5597", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5597" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5597", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5597" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA" } ], "release_date": "2016-10-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)" }, { "cve": "CVE-2017-3231", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413717" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3231" }, { "category": "external", "summary": "RHBZ#1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3231", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3231" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)" }, { "cve": "CVE-2017-3241", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413955" } ], "notes": [ { "category": "description", "text": "It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3241" }, { "category": "external", "summary": "RHBZ#1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3241", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3241" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)" }, { "cve": "CVE-2017-3252", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413906" } ], "notes": [ { "category": "description", "text": "It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3252" }, { "category": "external", "summary": "RHBZ#1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3252", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3252" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)" }, { "cve": "CVE-2017-3253", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413583" } ], "notes": [ { "category": "description", "text": "It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3253" }, { "category": "external", "summary": "RHBZ#1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3253", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)" }, { "cve": "CVE-2017-3259", "discovery_date": "2017-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1414163" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3259" }, { "category": "external", "summary": "RHBZ#1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3259", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3259" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)" }, { "cve": "CVE-2017-3261", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413653" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3261" }, { "category": "external", "summary": "RHBZ#1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3261", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3261" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)" }, { "cve": "CVE-2017-3272", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413554" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3272" }, { "category": "external", "summary": "RHBZ#1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3272", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3272" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)" }, { "cve": "CVE-2017-3289", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413562" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure class construction (Hotspot, 8167104)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3289" }, { "category": "external", "summary": "RHBZ#1413562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3289", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3289" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:1216" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.src", "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insecure class construction (Hotspot, 8167104)" } ] }
rhsa-2017_2709
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for JBoss Core Services on Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. (CVE-2015-3185)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:2709", "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/" }, { "category": "external", "summary": "1243888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "JBCS-329", "url": "https://issues.redhat.com/browse/JBCS-329" }, { "category": "external", "summary": "JBCS-336", "url": "https://issues.redhat.com/browse/JBCS-336" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_2709.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services security update", "tracking": { "current_release_date": "2024-09-13T16:49:04+00:00", "generator": { "date": "2024-09-13T16:49:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:2709", "initial_release_date": "2017-09-13T16:48:46+00:00", "revision_history": [ { "date": "2017-09-13T16:48:46+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-09-13T16:48:46+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T16:49:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-122.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-122.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-122.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-122.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-122.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-122.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-122.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-122.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-122.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-122.jbcs.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "product_id": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-122.jbcs.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-122.jbcs.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-3185", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2015-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1243888" } ], "notes": [ { "category": "description", "text": "It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3185" }, { "category": "external", "summary": "RHBZ#1243888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3185", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3185" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185" }, { "category": "external", "summary": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16", "url": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16" } ], "release_date": "2015-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "product_ids": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2709" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4" }, { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "product_ids": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2017-9788", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1470748" } ], "notes": [ { "category": "description", "text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Uninitialized memory reflection in mod_auth_digest", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9788" }, { "category": "external", "summary": "RHBZ#1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34", "url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27" } ], "release_date": "2017-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "product_ids": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "category": "workaround", "details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.", "product_ids": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "httpd: Uninitialized memory reflection in mod_auth_digest" } ] }
rhsa-2019_1245
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Quay 3.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.\n\nRed Hat Quay is a secure, private container registry that builds, analyzes\nand distributes container images. It provides a high level of automation\nand customization.", "title": "Topic" }, { "category": "general", "text": "Security Fix(es):\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the\n TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nBug Fix(es):\n\n* Running Quay in config mode now works in a disconnected option which doesn\u0027t require pulling resources from the Internet.\n\n* Quay\u0027s security scan endpoint is now enabled at startup for viewing results of Clair container image scans.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:1245", "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1709477", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709477" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2019/rhsa-2019_1245.json" } ], "title": "Red Hat Security Advisory: Red Hat Quay 3.0.2 security and bug fix update", "tracking": { "current_release_date": "2024-09-13T11:34:47+00:00", "generator": { "date": "2024-09-13T11:34:47+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2019:1245", "initial_release_date": "2019-05-20T14:12:27+00:00", "revision_history": [ { "date": "2019-05-20T14:12:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-05-20T14:12:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:34:47+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Quay 3", "product": { "name": "Red Hat Quay 3", "product_id": "Red Hat Quay 3", "product_identification_helper": { "cpe": "cpe:/a:redhat:quay:3::el7" } } } ], "category": "product_family", "name": "Red Hat Quay" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Quay 3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat Quay 3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "Red Hat Quay 3" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Quay 3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" } ] }
rhsa-2017_3240
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 21st November 2017]\nPreviously, this erratum was marked as a replacement of the JBoss Enterprise Application Platform 6.4.16 Natives. This was incorrect; the erratum is an update, not a replacement. The erratum text has been modified to reflect this.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release provides an update to httpd and OpenSSL. The updates are documented in the Release Notes document linked to in the References.\n\nThe httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nThis release of JBoss Enterprise Application Platform 6.4.18 Natives serves as an update to the JBoss Enterprise Application Platform 6.4.16 Natives and includes bug fixes which are documented in the Release Notes document linked to in the References.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 Natives are advised to upgrade to these updated packages.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1508880)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1508884)\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1508885)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:3240", "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/" }, { "category": "external", "summary": "https://access.redhat.com/articles/3229231", "url": "https://access.redhat.com/articles/3229231" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "1508880", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508880" }, { "category": "external", "summary": "1508884", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508884" }, { "category": "external", "summary": "1508885", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508885" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3240.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.18 security update", "tracking": { "current_release_date": "2024-09-13T16:49:14+00:00", "generator": { "date": "2024-09-13T16:49:14+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:3240", "initial_release_date": "2017-11-16T19:27:22+00:00", "revision_history": [ { "date": "2017-11-16T19:27:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-11-21T18:17:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T16:49:14+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "product_id": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "product": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "product_id": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "product": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "product_id": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "product": { "name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "product_id": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl22@2.2.26-58.ep6.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-manual@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "product_id": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap22@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-debuginfo@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-tools@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "product": { "name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "product_id": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-devel@2.2.26-58.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "httpd-0:2.2.26-57.ep6.el6.ppc64", "product": { "name": "httpd-0:2.2.26-57.ep6.el6.ppc64", "product_id": "httpd-0:2.2.26-57.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "product": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "product": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "product_id": "mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "product": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "product_id": "httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "product": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "product_id": "httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "product": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "product_id": "mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "product": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "product_id": "httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=ppc64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "product": { "name": "mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "product_id": "mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl22@2.2.26-58.ep6.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "product": { "name": "httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "product_id": "httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-manual@2.2.26-58.ep6.el7?arch=ppc64" } } }, { "category": "product_version", "name": "mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "product": { "name": "mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "product_id": "mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap22@2.2.26-58.ep6.el7?arch=ppc64" } } }, { "category": "product_version", "name": "httpd22-0:2.2.26-58.ep6.el7.ppc64", "product": { "name": "httpd22-0:2.2.26-58.ep6.el7.ppc64", "product_id": "httpd22-0:2.2.26-58.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=ppc64" } } }, { "category": "product_version", "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "product": { "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "product_id": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-debuginfo@2.2.26-58.ep6.el7?arch=ppc64" } } }, { "category": "product_version", "name": "httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "product": { "name": "httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "product_id": "httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-tools@2.2.26-58.ep6.el7?arch=ppc64" } } }, { "category": "product_version", "name": "httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "product": { "name": "httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "product_id": "httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22-devel@2.2.26-58.ep6.el7?arch=ppc64" } } }, { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el7?arch=ppc64" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "httpd-0:2.2.26-57.ep6.el6.src", "product": { "name": "httpd-0:2.2.26-57.ep6.el6.src", "product_id": "httpd-0:2.2.26-57.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd22-0:2.2.26-58.ep6.el7.src", "product": { "name": "httpd22-0:2.2.26-58.ep6.el7.src", "product_id": "httpd22-0:2.2.26-58.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd22@2.2.26-58.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_id": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_id": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_cluster-native@1.2.13-9.Final_redhat_2.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "product": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "product_id": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ldap@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-tools@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-devel@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "product": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "product_id": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/mod_ssl@2.2.26-57.ep6.el6?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-manual@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "httpd-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd@2.2.26-57.ep6.el6?arch=i386" } } }, { "category": "product_version", "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "product": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "product_id": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.26-57.ep6.el6?arch=i386" } } } ], "category": "architecture", "name": "i386" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.2.26-57.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64" }, "product_reference": "httpd-0:2.2.26-57.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.2.26-57.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src" }, "product_reference": "httpd-0:2.2.26-57.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64" }, "product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64" }, "product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64" }, "product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64" }, "product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386" }, "product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64" }, "product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.i386 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386" }, "product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.i386", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64" }, "product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64" }, "product_reference": "mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-0:2.2.26-58.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64" }, "product_reference": "httpd22-0:2.2.26-58.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-0:2.2.26-58.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src" }, "product_reference": "httpd22-0:2.2.26-58.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64" }, "product_reference": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-devel-0:2.2.26-58.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64" }, "product_reference": "httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-manual-0:2.2.26-58.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64" }, "product_reference": "httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-tools-0:2.2.26-58.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64" }, "product_reference": "httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64" }, "product_reference": "mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64" }, "product_reference": "mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap22-0:2.2.26-58.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64" }, "product_reference": "mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl22-1:2.2.26-58.ep6.el7.ppc64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64" }, "product_reference": "mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64 as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" }, "product_reference": "mod_ssl22-1:2.2.26-58.ep6.el7.x86_64", "relates_to_product_reference": "7Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. The JBoss server process must be restarted for the update to take effect.", "product_ids": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2017-9788", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1470748" } ], "notes": [ { "category": "description", "text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Uninitialized memory reflection in mod_auth_digest", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9788" }, { "category": "external", "summary": "RHBZ#1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34", "url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27" } ], "release_date": "2017-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. The JBoss server process must be restarted for the update to take effect.", "product_ids": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "category": "workaround", "details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.", "product_ids": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "httpd: Uninitialized memory reflection in mod_auth_digest" }, { "acknowledgments": [ { "names": [ "Hanno B\u00f6ck" ] } ], "cve": "CVE-2017-9798", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490344" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9798" }, { "category": "external", "summary": "RHBZ#1490344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9798" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798" }, { "category": "external", "summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html", "url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html" } ], "release_date": "2017-09-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. The JBoss server process must be restarted for the update to take effect.", "product_ids": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "category": "workaround", "details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18", "product_ids": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.src", "6Server-JBEAP-6.4:httpd-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-debuginfo-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-devel-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-manual-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:httpd-tools-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.ppc64", "6Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.src", "6Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.i386", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ldap-0:2.2.26-57.ep6.el6.x86_64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.i386", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.ppc64", "6Server-JBEAP-6.4:mod_ssl-1:2.2.26-57.ep6.el6.x86_64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.src", "7Server-JBEAP-6.4:httpd22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-debuginfo-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-devel-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-manual-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:httpd22-tools-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.src", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.ppc64", "7Server-JBEAP-6.4:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.src", "7Server-JBEAP-6.4:mod_cluster-native-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_cluster-native-debuginfo-0:1.2.13-9.Final_redhat_2.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ldap22-0:2.2.26-58.ep6.el7.x86_64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.ppc64", "7Server-JBEAP-6.4:mod_ssl22-1:2.2.26-58.ep6.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)" } ] }
rhsa-2021_0308
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.6.16 is now available with\nupdates to packages and images that fix several bugs.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.6.16. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHBA-2021:0309\n\nSpace precludes documenting all of the container images in this advisory.\nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.16-x86_64\n\nThe image digest is sha256:3e855ad88f46ad1b7f56c312f078ca6adaba623c5d4b360143f9f82d2f349741\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.16-s390x\n\nThe image digest is sha256:2335685cda334ecf9e12c056b148c483fb81412fbfc96c885dc669d775e1f1ee\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.16-ppc64le\n\nThe image digest is sha256:953ccacf79467b3e8ebfb8def92013f1574d75e24b3ea9a455aa8931f7f17b88\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.\n\nSecurity Fix(es):\n\n* SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n\n* openshift/builder: privilege escalation during container image builds via mounted secrets (CVE-2021-3344)\n\n* openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250 (CVE-2021-20198)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:0308", "url": "https://access.redhat.com/errata/RHSA-2021:0308" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_0308.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.16 security and bug fix update", "tracking": { "current_release_date": "2021-02-08T13:49:00Z", "generator": { "date": "2023-07-01T04:33:00Z", "engine": { "name": "Red Hat SDEngine", "version": "3.18.0" } }, "id": "RHSA-2021:0308", "initial_release_date": "2021-02-08T13:49:00Z", "revision_history": [ { "date": "2021-02-08T13:49:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.6", "product": { "name": "Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.6::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-cli:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-cli:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-cli:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "product": { "name": "openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "product_id": "openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-console-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-console-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-console-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-console:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-console:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-console:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-coredns:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-coredns:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-coredns:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-deployer:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-deployer:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-deployer:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-docker-builder:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-docker-builder:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-docker-builder:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-docker-registry:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-etcd:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-etcd:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-etcd:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-grafana:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-grafana:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-grafana:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-haproxy-router:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-hyperkube:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-installer:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-installer:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-installer:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-jenkins:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-jenkins:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-jenkins:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-kube-proxy:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-multus-cni:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-must-gather:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-must-gather:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-must-gather:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0" } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-operator-registry:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-pod:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-pod:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-pod:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-prometheus:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-prometheus:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-prometheus:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-telemeter:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-telemeter:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-telemeter:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-tests:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-tests:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-tests:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "product_id": "openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "product": { "name": "openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "product_id": "openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "product_id": "openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "product": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "product_id": "openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" } } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-cli:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0" }, "product_reference": "openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-console-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-console:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-coredns:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-deployer:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-deployer:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-deployer:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-docker-builder:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-etcd:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-grafana:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-haproxy-router:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-haproxy-router:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-installer:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-jenkins:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-proxy:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-proxy:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-must-gather:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-must-gather:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-must-gather:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-pod:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-pod:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-pod:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-prometheus:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-telemeter:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-telemeter:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-telemeter:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-tests:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0" }, "product_reference": "openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" }, "product_reference": "openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-deployer:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-must-gather:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-pod:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-telemeter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-deployer:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-must-gather:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-pod:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-telemeter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" }, { "category": "external", "summary": "CVE-2016-2183", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "bz#1369383: CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" } ], "release_date": "2016-08-24T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0" ], "url": "https://access.redhat.com/errata/RHSA-2021:0308" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.3, "collateralDamagePotential": "NOT_DEFINED", "confidentialityImpact": "PARTIAL", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 0.0, "exploitability": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "targetDistribution": "NOT_DEFINED", "temporalScore": 0.0, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0" ] } ], "threats": [ { "category": "impact", "date": "2016-08-18T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2021-3344", "cwe": { "id": "CWE-522", "name": "Insufficiently Protected Credentials" }, "discovery_date": "2021-01-28T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-deployer:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-must-gather:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-pod:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-telemeter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1921450" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to overwrite arbitrary container images in internal registries and/or escalate their privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "openshift/builder: privilege escalation during container image builds via mounted secrets", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-deployer:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-must-gather:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-pod:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-telemeter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3344", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3344" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3344", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3344" }, { "category": "external", "summary": "CVE-2021-3344", "url": "https://access.redhat.com/security/cve/CVE-2021-3344" }, { "category": "external", "summary": "bz#1921450: CVE-2021-3344 openshift/builder: privilege escalation during container image builds via mounted secrets", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921450" } ], "release_date": "2021-02-08T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0" ], "url": "https://access.redhat.com/errata/RHSA-2021:0308" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0" ] } ], "threats": [ { "category": "impact", "date": "2021-01-28T00:00:00Z", "details": "Important" } ], "title": "CVE-2021-3344 openshift/builder: privilege escalation during container image builds via mounted secrets" }, { "cve": "CVE-2021-20198", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "discovery_date": "2021-01-27T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-deployer:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-must-gather:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-pod:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-telemeter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1920764" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the OpenShift Installer. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated `/exec` requests to execute arbitrary commands within running containers. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-installer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-bootstrap:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-ingress-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-monitoring-operator:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-network-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-node-tuning-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-update-keys:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-version-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-configmap-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-container-networking-plugins-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-manila-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-driver-nfs-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-deployer:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-haproxy-router:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-insights-rhel8-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-installer-artifacts:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-inspector-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-ipa-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ironic-static-ip-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-base:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-maven:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-jenkins:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-k8s-prometheus-adapter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-keepalived-ipfailover:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-state-metrics:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-kuryr-controller-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-libvirt-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-api-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-must-gather:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-server-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202101300850.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-state-metrics-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-openstack-machine-controllers:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovirt-machine-controllers-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-ovn-kubernetes:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-pod:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prom-label-proxy:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-alertmanager:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-config-reloader:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-node-exporter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-sdn-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-telemeter:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ose-thanos-rhel8:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ose-tools-rhel8:v4.6.0-202101301510.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel7:v4.6.0-202101300140.p0", "8Base-RHOSE-4.6:openshift4/ovirt-csi-driver-rhel8-operator:v4.6.0-202101300140.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20198", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20198" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20198", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20198" }, { "category": "external", "summary": "CVE-2021-20198", "url": "https://access.redhat.com/security/cve/CVE-2021-20198" }, { "category": "external", "summary": "bz#1920764: CVE-2021-20198 openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1920764" } ], "release_date": "2021-02-08T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0" ], "url": "https://access.redhat.com/errata/RHSA-2021:0308" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202101300140.p0" ] } ], "threats": [ { "category": "impact", "date": "2021-01-27T00:00:00Z", "details": "Important" } ], "title": "CVE-2021-20198 openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250" } ] }
rhsa-2017_2708
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. (CVE-2015-3185)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:2708", "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/" }, { "category": "external", "summary": "1243888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "JBCS-329", "url": "https://issues.redhat.com/browse/JBCS-329" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_2708.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services security update", "tracking": { "current_release_date": "2024-09-13T16:49:29+00:00", "generator": { "date": "2024-09-13T16:49:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:2708", "initial_release_date": "2017-09-13T16:37:52+00:00", "revision_history": [ { "date": "2017-09-13T16:37:52+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-09-13T16:37:52+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T16:49:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services 1", "product": { "name": "Red Hat JBoss Core Services 1", "product_id": "Red Hat JBoss Core Services 1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-3185", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2015-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1243888" } ], "notes": [ { "category": "description", "text": "It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3185" }, { "category": "external", "summary": "RHBZ#1243888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3185", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3185" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185" }, { "category": "external", "summary": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16", "url": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16" } ], "release_date": "2015-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2708" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4" }, { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2017-9788", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1470748" } ], "notes": [ { "category": "description", "text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Uninitialized memory reflection in mod_auth_digest", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9788" }, { "category": "external", "summary": "RHBZ#1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34", "url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27" } ], "release_date": "2017-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "category": "workaround", "details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "httpd: Uninitialized memory reflection in mod_auth_digest" } ] }
rhsa-2021_2438
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.8.2 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.8.2. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-2021:2437\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nSecurity Fix(es):\n\n* SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)\n\n* etcd: Large slice causes panic in decodeRecord method (CVE-2020-15106)\n\n* etcd: DoS in wal/wal.go (CVE-2020-15112)\n\n* etcd: directories created via os.MkdirAll are not checked for permissions (CVE-2020-15113)\n\n* etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS (CVE-2020-15114)\n\n* etcd: no authentication is performed against endpoints provided in the --endpoints flag (CVE-2020-15136)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)\n\n* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)\n\n* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)\n\n* containers/storage: DoS via malicious image (CVE-2021-20291)\n\n* prometheus: open redirect under the /new endpoint (CVE-2021-29622)\n\n* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)\n\n* go.elastic.co/apm: leaks sensitive HTTP headers during panic (CVE-2021-22133)\n\nSpace precludes listing in detail the following additional CVEs fixes: (CVE-2021-27292), (CVE-2021-28092), (CVE-2021-29059), (CVE-2021-23382), (CVE-2021-26539), (CVE-2021-26540), (CVE-2021-23337), (CVE-2021-23362) and (CVE-2021-23368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-x86_64\n\nThe image digest is ssha256:0e82d17ababc79b10c10c5186920232810aeccbccf2a74c691487090a2c98ebc\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-s390x\n\nThe image digest is sha256:a284c5c3fa21b06a6a65d82be1dc7e58f378aa280acd38742fb167a26b91ecb5\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-ppc64le\n\nThe image digest is sha256:da989b8e28bccadbb535c2b9b7d3597146d14d254895cd35f544774f374cdd0f\n\nAll OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2438", "url": "https://access.redhat.com/errata/RHSA-2021:2438" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_2438.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.8.2 bug fix and security update", "tracking": { "current_release_date": "2021-07-27T22:30:00Z", "generator": { "date": "2023-07-01T05:02:00Z", "engine": { "name": "Red Hat SDEngine", "version": "3.18.0" } }, "id": "RHSA-2021:2438", "initial_release_date": "2021-07-27T22:30:00Z", "revision_history": [ { "date": "2021-07-27T22:30:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.8", "product": { "name": "Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.8::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "category": "product_version", "name": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "product": { "name": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "product_id": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "product": { "name": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "product_id": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "product": { "name": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "product_id": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "product": { "name": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "product_id": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "product": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "product": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "product_id": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "product": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "product_id": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "product": { "name": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "product_id": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product_id": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "product": { "name": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "product_id": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "product": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "product_id": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "product": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "product_id": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "product": { "name": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "product_id": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "product": { "name": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "product_id": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "product": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "product_id": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "product": { "name": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "product_id": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "product": { "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "product_id": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "product": { "name": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "product_id": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "product": { "name": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "product_id": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "product": { "name": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "product_id": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "product": { "name": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "product_id": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "product": { "name": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "product_id": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "product": { "name": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "product_id": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "product": { "name": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "product_id": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "product": { "name": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "product_id": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "product": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "product_id": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "product": { "name": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "product_id": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "product": { "name": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "product_id": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "product": { "name": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "product_id": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "product": { "name": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "product_id": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "product": { "name": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "product_id": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "product": { "name": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "product_id": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "product": { "name": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "product_id": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "product": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "product_id": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "product": { "name": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "product_id": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "product_id": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product_id": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "product_id": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product": { "name": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product_id": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product": { "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product_id": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product": { "name": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product_id": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product": { "name": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product_id": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product_id": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product": { "name": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product_id": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product_id": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product": { "name": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product_id": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "product": { "name": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "product_id": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "product": { "name": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "product_id": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "product": { "name": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "product_id": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "product": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "product": { "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "product_id": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "product": { "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "product_id": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "product": { "name": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "product_id": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "product": { "name": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "product_id": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product": { "name": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product_id": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "product": { "name": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "product_id": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product": { "name": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product_id": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product": { "name": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product_id": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "product": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "product_id": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "product": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "product_id": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "product": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "product_id": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "product": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "product_id": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "product": { "name": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "product_id": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "product": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "product_id": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "product": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "product_id": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "product": { "name": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "product_id": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product": { "name": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product_id": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "product": { "name": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "product_id": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "product": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product_id": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product_id": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "product": { "name": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "product_id": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "product": { "name": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "product_id": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "product": { "name": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "product_id": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "product": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "product_id": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "product": { "name": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "product_id": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "product": { "name": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "product_id": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "product": { "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "product_id": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "product": { "name": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "product_id": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "product": { "name": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "product_id": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "product": { "name": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "product_id": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "product": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "product_id": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "product": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "product": { "name": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "product_id": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product": { "name": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product_id": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "product": { "name": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "product_id": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product": { "name": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product_id": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "product": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "product_id": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "product": { "name": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "product_id": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product": { "name": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product_id": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "product": { "name": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "product_id": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "product": { "name": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "product_id": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product": { "name": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product_id": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "product": { "name": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "product_id": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product": { "name": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product_id": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "product": { "name": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "product_id": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product": { "name": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product_id": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "product": { "name": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "product_id": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "product": { "name": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "product_id": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "product": { "name": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "product_id": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "product": { "name": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "product_id": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product": { "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product_id": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product": { "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product_id": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "product": { "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "product_id": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "product": { "name": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "product_id": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream", "product": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream", "product_id": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" } } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream" }, "product_reference": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream" }, "product_reference": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream" }, "product_reference": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream" }, "product_reference": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream" }, "product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream" }, "product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream" }, "product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream" }, "product_reference": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream" }, "product_reference": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream" }, "product_reference": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream" }, "product_reference": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream" }, "product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream" }, "product_reference": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream" }, "product_reference": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream" }, "product_reference": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream" }, "product_reference": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream" }, "product_reference": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream" }, "product_reference": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream" }, "product_reference": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream" }, "product_reference": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" }, "product_reference": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream" }, "product_reference": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" }, "product_reference": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream" }, "product_reference": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream" }, "product_reference": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream" }, "product_reference": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream" }, "product_reference": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" }, "product_reference": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream" }, "product_reference": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream" }, "product_reference": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" }, "product_reference": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" }, "product_reference": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream" }, "product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream" }, "product_reference": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" }, "product_reference": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream" }, "product_reference": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" }, "product_reference": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream" }, "product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream" }, "product_reference": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream" }, "product_reference": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream" }, "product_reference": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream" }, "product_reference": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" }, "product_reference": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream" }, "product_reference": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" }, "product_reference": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" }, "product_reference": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream" }, "product_reference": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream" }, "product_reference": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream" }, "product_reference": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream" }, "product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream" }, "product_reference": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream" }, "product_reference": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream" }, "product_reference": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream" }, "product_reference": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" }, "product_reference": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream" }, "product_reference": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" }, "product_reference": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" }, "product_reference": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream" }, "product_reference": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream" }, "product_reference": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" }, "product_reference": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream" }, "product_reference": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream" }, "product_reference": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream" }, "product_reference": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream" }, "product_reference": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream" }, "product_reference": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream" }, "product_reference": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream" }, "product_reference": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream" }, "product_reference": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream" }, "product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" }, "product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream" }, "product_reference": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" }, "product_reference": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream" }, "product_reference": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" }, "product_reference": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream" }, "product_reference": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream" }, "product_reference": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" }, "product_reference": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream" }, "product_reference": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" }, "product_reference": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" }, "product_reference": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream" }, "product_reference": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream" }, "product_reference": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream" }, "product_reference": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" }, "product_reference": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" }, "product_reference": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" }, "product_reference": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream" }, "product_reference": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" }, "product_reference": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" }, { "category": "external", "summary": "CVE-2016-2183", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "bz#1369383: CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" } ], "release_date": "2016-08-24T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.3, "collateralDamagePotential": "NOT_DEFINED", "confidentialityImpact": "PARTIAL", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 0.0, "exploitability": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "targetDistribution": "NOT_DEFINED", "temporalScore": 0.0, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2016-08-18T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2020-7774", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2020-11-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1898680" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-y18n. There is a prototype pollution vulnerability in y18n\u0027s locale functionality. If an attacker is able to provide untrusted input via locale, they may be able to cause denial of service or in rare circumstances, impact to data integrity or confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-y18n: prototype pollution vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7774", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7774" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887", "url": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887" }, { "category": "external", "summary": "CVE-2020-7774", "url": "https://access.redhat.com/security/cve/CVE-2020-7774" }, { "category": "external", "summary": "bz#1898680: CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898680" } ], "release_date": "2020-10-25T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-11-17T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability" }, { "cve": "CVE-2020-15106", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868883" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found In etcd, where a large slice causes panic in the decodeRecord method. The size of a record is stored in the length field of a WAL file, and no additional validation is performed on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: Large slice causes panic in decodeRecord method", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15106", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15106" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15106", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15106" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2" }, { "category": "external", "summary": "CVE-2020-15106", "url": "https://access.redhat.com/security/cve/CVE-2020-15106" }, { "category": "external", "summary": "bz#1868883: CVE-2020-15106 etcd: Large slice causes panic in decodeRecord method", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868883" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15106 etcd: Large slice causes panic in decodeRecord method" }, { "cve": "CVE-2020-15112", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868872" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd, where it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This can cause issues when WAL entries are being read during consensus, as an arbitrary etcd consensus participant can go down from a runtime panic when reading the entry. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: DoS in wal/wal.go", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15112", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15112" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15112", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15112" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93" }, { "category": "external", "summary": "CVE-2020-15112", "url": "https://access.redhat.com/security/cve/CVE-2020-15112" }, { "category": "external", "summary": "bz#1868872: CVE-2020-15112 etcd: DoS in wal/wal.go", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868872" } ], "release_date": "2020-08-06T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-05T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15112 etcd: DoS in wal/wal.go" }, { "cve": "CVE-2020-15113", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868870" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd. Certain directory paths are created with restricted access permissions (700) by using the os.MkdirAll. This function does not perform any permission checks when a given directory path exists already.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: directories created via os.MkdirAll are not checked for permissions", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15113", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15113" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15113", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15113" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92" }, { "category": "external", "summary": "CVE-2020-15113", "url": "https://access.redhat.com/security/cve/CVE-2020-15113" }, { "category": "external", "summary": "bz#1868870: CVE-2020-15113 etcd: directories created via os.MkdirAll are not checked for permissions", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868870" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15113 etcd: directories created via os.MkdirAll are not checked for permissions" }, { "cve": "CVE-2020-15114", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868874" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd, where the etcd gateway is a simple TCP proxy that allows basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This issue results in a denial of service since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15114", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15114" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15114", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15114" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224" }, { "category": "external", "summary": "CVE-2020-15114", "url": "https://access.redhat.com/security/cve/CVE-2020-15114" }, { "category": "external", "summary": "bz#1868874: CVE-2020-15114 etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868874" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15114 etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS" }, { "cve": "CVE-2020-15136", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868880" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd. The gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No authentication is performed against endpoints provided in the --endpoints flag.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: no authentication is performed against endpoints provided in the --endpoints flag", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15136", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15136" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q" }, { "category": "external", "summary": "CVE-2020-15136", "url": "https://access.redhat.com/security/cve/CVE-2020-15136" }, { "category": "external", "summary": "bz#1868880: CVE-2020-15136 etcd: no authentication is performed against endpoints provided in the --endpoints flag", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868880" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15136 etcd: no authentication is performed against endpoints provided in the --endpoints flag" }, { "cve": "CVE-2020-26160", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2020-09-23T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A vulnerability was found in jwt-go where it is vulnerable to Access Restriction Bypass if m[\"aud\"] happens to be []string{}, as allowed by the spec, the type assertion fails and the value of aud is \"\". This can cause audience verification to succeed even if the audiences being passed are incorrect if required is set to false.", "title": "Vulnerability description" }, { "category": "summary", "text": "jwt-go: access restriction bypass vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-26160", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515", "url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515" }, { "category": "external", "summary": "CVE-2020-26160", "url": "https://access.redhat.com/security/cve/CVE-2020-26160" }, { "category": "external", "summary": "bz#1883371: CVE-2020-26160 jwt-go: access restriction bypass vulnerability", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371" } ], "release_date": "2020-09-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-09-23T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-26160 jwt-go: access restriction bypass vulnerability" }, { "cve": "CVE-2020-28469", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-01T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-glob-parent: Regular expression denial of service", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" }, { "category": "external", "summary": "CVE-2020-28469", "url": "https://access.redhat.com/security/cve/CVE-2020-28469" }, { "category": "external", "summary": "bz#1945459: CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" } ], "release_date": "2021-01-12T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-04-01T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service" }, { "cve": "CVE-2020-28500", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-02-15T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1928954" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-lodash. A Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28500", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28500" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28500", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28500" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1018905" }, { "category": "external", "summary": "CVE-2020-28500", "url": "https://access.redhat.com/security/cve/CVE-2020-28500" }, { "category": "external", "summary": "bz#1928954: CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928954" } ], "release_date": "2021-02-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-15T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions" }, { "cve": "CVE-2020-28852", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-02T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in golang.org. In x/text, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28852", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28852" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852" }, { "category": "external", "summary": "CVE-2020-28852", "url": "https://access.redhat.com/security/cve/CVE-2020-28852" }, { "category": "external", "summary": "bz#1913338: CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338" } ], "release_date": "2021-01-02T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-02T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag" }, { "cve": "CVE-2021-3114", "cwe": { "id": "CWE-682", "name": "Incorrect Calculation" }, "discovery_date": "2021-01-21T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs, reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/elliptic: incorrect operations on the P-224 curve", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3114", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3114" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/mperVMGa98w", "url": "https://groups.google.com/g/golang-announce/c/mperVMGa98w" }, { "category": "external", "summary": "CVE-2021-3114", "url": "https://access.redhat.com/security/cve/CVE-2021-3114" }, { "category": "external", "summary": "bz#1918750: CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750" } ], "release_date": "2021-01-20T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-21T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve" }, { "cve": "CVE-2021-3121", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-28T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3121" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121" }, { "category": "external", "summary": "CVE-2021-3121", "url": "https://access.redhat.com/security/cve/CVE-2021-3121" }, { "category": "external", "summary": "bz#1921650: CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" } ], "release_date": "2021-01-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-28T00:00:00Z", "details": "Important" } ], "title": "CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation" }, { "acknowledgments": [ { "names": [ "Casey Callendrello" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2021-20206", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-01-22T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the `type` field in the network configuration, it is possible to use special elements such as \"../\" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as `reboot`. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20206", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20206" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206" }, { "category": "external", "summary": "CVE-2021-20206", "url": "https://access.redhat.com/security/cve/CVE-2021-20206" }, { "category": "external", "summary": "bz#1919391: CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391" } ], "release_date": "2021-02-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-22T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration" }, { "acknowledgments": [ { "names": [ "Aviv Sasson" ], "organization": "Palo Alto Networks" } ], "cve": "CVE-2021-20291", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "discovery_date": "2021-03-12T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A deadlock vulnerability was found in `github.com/containers/storage`. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "containers/storage: DoS via malicious image", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20291", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20291" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20291", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20291" }, { "category": "external", "summary": "https://unit42.paloaltonetworks.com/cve-2021-20291/", "url": "https://unit42.paloaltonetworks.com/cve-2021-20291/" }, { "category": "external", "summary": "CVE-2021-20291", "url": "https://access.redhat.com/security/cve/CVE-2021-20291" }, { "category": "external", "summary": "bz#1939485: CVE-2021-20291 containers/storage: DoS via malicious image", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485" } ], "release_date": "2021-04-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-12T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-20291 containers/storage: DoS via malicious image" }, { "cve": "CVE-2021-22133", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2021-03-24T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1942553" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the Elastic APM agent for Go in several versions, where it can leak sensitive HTTP header information when logging the details during an application panic. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application panic, it is possible the headers will not be sanitized before being sent. The highest threat from this vulnerability is to confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "go.elastic.co/apm: leaks sensitive HTTP headers during panic", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22133", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22133" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22133", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22133" }, { "category": "external", "summary": "https://discuss.elastic.co/t/elastic-apm-agent-for-go-1-11-0-security-update/263252", "url": "https://discuss.elastic.co/t/elastic-apm-agent-for-go-1-11-0-security-update/263252" }, { "category": "external", "summary": "CVE-2021-22133", "url": "https://access.redhat.com/security/cve/CVE-2021-22133" }, { "category": "external", "summary": "bz#1942553: CVE-2021-22133 go.elastic.co/apm: leaks sensitive HTTP headers during panic", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942553" } ], "release_date": "2021-02-04T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-24T00:00:00Z", "details": "Low" } ], "title": "CVE-2021-22133 go.elastic.co/apm: leaks sensitive HTTP headers during panic" }, { "cve": "CVE-2021-23337", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2021-02-15T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1928937" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-lodash. A command injection flaw is possible through template variables.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: command injection via template", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23337", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23337", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23337" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724" }, { "category": "external", "summary": "CVE-2021-23337", "url": "https://access.redhat.com/security/cve/CVE-2021-23337" }, { "category": "external", "summary": "bz#1928937: CVE-2021-23337 nodejs-lodash: command injection via template", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928937" } ], "release_date": "2021-02-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-15T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23337 nodejs-lodash: command injection via template" }, { "cve": "CVE-2021-23362", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-25T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service vulnerability was found in hosted-git-info. If an application allows user input into the affected regular expression (regexp) function, `shortcutMatch` or `fromUrl`, then an attacker could craft a regexp which takes an ever increasing amount of time to process, potentially resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23362", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23362" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362" }, { "category": "external", "summary": "CVE-2021-23362", "url": "https://access.redhat.com/security/cve/CVE-2021-23362" }, { "category": "external", "summary": "bz#1943208: CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" } ], "release_date": "2021-03-23T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-25T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()" }, { "cve": "CVE-2021-23368", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-12T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1948763" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `postcss`. When parsing a supplied CSS string, if it contains an unexpected value then as the supplied CSS grows in length it will take an ever increasing amount of time to process. An attacker can use this vulnerability to potentially craft a malicious a long CSS value to process resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-postcss: Regular expression denial of service during source map parsing", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23368", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23368" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23368", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23368" }, { "category": "external", "summary": "CVE-2021-23368", "url": "https://access.redhat.com/security/cve/CVE-2021-23368" }, { "category": "external", "summary": "bz#1948763: CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948763" } ], "release_date": "2021-04-12T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-04-12T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing" }, { "cve": "CVE-2021-23382", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-26T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1954150" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `postcss` when using getAnnotationURL() or loadAnnotation() options in lib/previous-map.js. An attacker can use this vulnerability to potentially craft a malicious CSS to process resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23382", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23382" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23382", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23382" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640", "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" }, { "category": "external", "summary": "CVE-2021-23382", "url": "https://access.redhat.com/security/cve/CVE-2021-23382" }, { "category": "external", "summary": "bz#1954150: CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954150" } ], "release_date": "2021-04-26T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-04-26T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js" }, { "cve": "CVE-2021-26539", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-08T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", "title": "Vulnerability description" }, { "category": "summary", "text": "sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-26539", "url": "https://www.cve.org/CVERecord?id=CVE-2021-26539" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539" }, { "category": "external", "summary": "CVE-2021-26539", "url": "https://access.redhat.com/security/cve/CVE-2021-26539" }, { "category": "external", "summary": "bz#1932362: CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362" } ], "release_date": "2021-01-22T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-08T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation" }, { "cve": "CVE-2021-26540", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-08T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1932323" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", "title": "Vulnerability description" }, { "category": "summary", "text": "sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-26540", "url": "https://www.cve.org/CVERecord?id=CVE-2021-26540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26540" }, { "category": "external", "summary": "CVE-2021-26540", "url": "https://access.redhat.com/security/cve/CVE-2021-26540" }, { "category": "external", "summary": "bz#1932323: CVE-2021-26540 sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932323" } ], "release_date": "2021-01-26T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-08T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-26540 sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element" }, { "cve": "CVE-2021-27292", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27292" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292" }, { "category": "external", "summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" }, { "category": "external", "summary": "CVE-2021-27292", "url": "https://access.redhat.com/security/cve/CVE-2021-27292" }, { "category": "external", "summary": "bz#1940613: CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" } ], "release_date": "2021-02-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-17T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header" }, { "cve": "CVE-2021-28092", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-12T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in is-svg package. A malicious string provided by an attacker may lead to Regular Expression Denial of Service (ReDoS).\r\nThe highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-is-svg: ReDoS via malicious string", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28092", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28092" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092" }, { "category": "external", "summary": "CVE-2021-28092", "url": "https://access.redhat.com/security/cve/CVE-2021-28092" }, { "category": "external", "summary": "bz#1939103: CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" } ], "release_date": "2021-03-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-12T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string" }, { "cve": "CVE-2021-29059", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-06-22T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1974839" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in IS-SVG where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29059", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29059" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29059", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29059" }, { "category": "external", "summary": "CVE-2021-29059", "url": "https://access.redhat.com/security/cve/CVE-2021-29059" }, { "category": "external", "summary": "bz#1974839: CVE-2021-29059 nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974839" } ], "release_date": "2021-06-21T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-06-22T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-29059 nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string" }, { "cve": "CVE-2021-29622", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2021-05-19T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1962718" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "An open redirect vulnerability was found in Prometheus. By specially crafted URL and a /new endpoint, an attacker can redirect user to any other URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "prometheus: open redirect under the /new endpoint", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29622", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29622" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29622", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29622" }, { "category": "external", "summary": "CVE-2021-29622", "url": "https://access.redhat.com/security/cve/CVE-2021-29622" }, { "category": "external", "summary": "bz#1962718: CVE-2021-29622 prometheus: open redirect under the /new endpoint", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962718" } ], "release_date": "2021-05-18T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-05-19T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-29622 prometheus: open redirect under the /new endpoint" }, { "cve": "CVE-2021-33194", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-05-20T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in golang. An attacker can craft an input to ParseFragment within parse.go that would cause it to enter an infinite loop and never return. The greatest threat to the system is of availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: x/net/html: infinite loop in ParseFragment", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33194", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", "url": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ" }, { "category": "external", "summary": "CVE-2021-33194", "url": "https://access.redhat.com/security/cve/CVE-2021-33194" }, { "category": "external", "summary": "bz#1963232: CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" } ], "release_date": "2021-05-20T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-05-20T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment" } ] }
rhsa-2019_2859
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for golang-github-openshift-oauth-proxy-container is now available for Red Hat OpenShift Container Platform 4.1.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:2859", "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2019/rhsa-2019_2859.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.1.18 security update", "tracking": { "current_release_date": "2024-09-13T11:34:53+00:00", "generator": { "date": "2024-09-13T11:34:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2019:2859", "initial_release_date": "2019-09-27T00:14:29+00:00", "revision_history": [ { "date": "2019-09-27T00:14:29+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-09-27T00:14:29+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:34:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.1", "product": { "name": "Red Hat OpenShift Container Platform 4.1", "product_id": "7Server-RH7-RHOSE-4.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.1::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64", "product": { "name": "openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64", "product_id": "openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-oauth-proxy\u0026tag=v4.1.18-201909201915" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64 as a component of Red Hat OpenShift Container Platform 4.1", "product_id": "7Server-RH7-RHOSE-4.1:openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64" }, "product_reference": "openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.1" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.1:openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html", "product_ids": [ "7Server-RH7-RHOSE-4.1:openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "7Server-RH7-RHOSE-4.1:openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-4.1:openshift4/ose-oauth-proxy@sha256:64279a4762f987de90db0310f285079247730c582e7af01b5cb2f0d70c1e8e60_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" } ] }
rhsa-2020_3842
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openshift-enterprise-console-container is now available for Red Hat OpenShift Container Platform 4.5.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3842", "url": "https://access.redhat.com/errata/RHSA-2020:3842" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_3842.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.5.13 openshift-enterprise-console-container security update", "tracking": { "current_release_date": "2024-09-13T11:35:21+00:00", "generator": { "date": "2024-09-13T11:35:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2020:3842", "initial_release_date": "2020-10-01T00:15:26+00:00", "revision_history": [ { "date": "2020-10-01T00:15:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-10-01T00:15:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:35:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.5", "product": { "name": "Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.5::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "product": { "name": "openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "product_id": "openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.5.0-202009201759.p0" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x", "product": { "name": "openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x", "product_id": "openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.5.0-202009201759.p0" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "product": { "name": "openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "product_id": "openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.5.0-202009201759.p0" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le" }, "product_reference": "openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64 as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64" }, "product_reference": "openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x as a component of Red Hat OpenShift Container Platform 4.5", "product_id": "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x" }, "product_reference": "openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.5" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3842" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:00ff55112f7e9c60ad6f0ca86ef16a923e539483aa995c03015ba2142ddb4f13_ppc64le", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:1982daa16ec40553b405d5c980dc0db8344e7f525b7177d8cdc7cfde596b33da_amd64", "7Server-RH7-RHOSE-4.5:openshift4/ose-console@sha256:48476fda1a77b0514c238256f39566a8c42f89cb5c75ff37638f38399126d8d0_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" } ] }
rhsa-2018_2123
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for python is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nNote: This update modifies the Python ssl module to disable 3DES cipher suites by default.\n\nRed Hat would like to thank OpenVPN for reporting this issue. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:2123", "url": "https://access.redhat.com/errata/RHSA-2018:2123" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2018/rhsa-2018_2123.json" } ], "title": "Red Hat Security Advisory: python security update", "tracking": { "current_release_date": "2024-09-13T11:34:40+00:00", "generator": { "date": "2024-09-13T11:34:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2018:2123", "initial_release_date": "2018-07-03T14:14:04+00:00", "revision_history": [ { "date": "2018-07-03T14:14:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-07-03T14:14:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:34:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "python-0:2.7.5-69.el7_5.x86_64", "product": { "name": "python-0:2.7.5-69.el7_5.x86_64", "product_id": "python-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python@2.7.5-69.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.x86_64", "product": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64", "product_id": "python-libs-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "python-devel-0:2.7.5-69.el7_5.x86_64", "product": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64", "product_id": "python-devel-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-devel@2.7.5-69.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "python-debug-0:2.7.5-69.el7_5.x86_64", "product": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64", "product_id": "python-debug-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debug@2.7.5-69.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "python-tools-0:2.7.5-69.el7_5.x86_64", "product": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64", "product_id": "python-tools-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-tools@2.7.5-69.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "tkinter-0:2.7.5-69.el7_5.x86_64", "product": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64", "product_id": "tkinter-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tkinter@2.7.5-69.el7_5?arch=x86_64" } } }, { "category": "product_version", "name": "python-test-0:2.7.5-69.el7_5.x86_64", "product": { "name": "python-test-0:2.7.5-69.el7_5.x86_64", "product_id": "python-test-0:2.7.5-69.el7_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-test@2.7.5-69.el7_5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.i686", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=i686" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.i686", "product": { "name": "python-libs-0:2.7.5-69.el7_5.i686", "product_id": "python-libs-0:2.7.5-69.el7_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "python-0:2.7.5-69.el7_5.src", "product": { "name": "python-0:2.7.5-69.el7_5.src", "product_id": "python-0:2.7.5-69.el7_5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python@2.7.5-69.el7_5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python-0:2.7.5-69.el7_5.s390x", "product": { "name": "python-0:2.7.5-69.el7_5.s390x", "product_id": "python-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python@2.7.5-69.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.s390x", "product": { "name": "python-libs-0:2.7.5-69.el7_5.s390x", "product_id": "python-libs-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "python-devel-0:2.7.5-69.el7_5.s390x", "product": { "name": "python-devel-0:2.7.5-69.el7_5.s390x", "product_id": "python-devel-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-devel@2.7.5-69.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "python-debug-0:2.7.5-69.el7_5.s390x", "product": { "name": "python-debug-0:2.7.5-69.el7_5.s390x", "product_id": "python-debug-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debug@2.7.5-69.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "python-tools-0:2.7.5-69.el7_5.s390x", "product": { "name": "python-tools-0:2.7.5-69.el7_5.s390x", "product_id": "python-tools-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-tools@2.7.5-69.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "tkinter-0:2.7.5-69.el7_5.s390x", "product": { "name": "tkinter-0:2.7.5-69.el7_5.s390x", "product_id": "tkinter-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tkinter@2.7.5-69.el7_5?arch=s390x" } } }, { "category": "product_version", "name": "python-test-0:2.7.5-69.el7_5.s390x", "product": { "name": "python-test-0:2.7.5-69.el7_5.s390x", "product_id": "python-test-0:2.7.5-69.el7_5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-test@2.7.5-69.el7_5?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.s390", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=s390" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.s390", "product": { "name": "python-libs-0:2.7.5-69.el7_5.s390", "product_id": "python-libs-0:2.7.5-69.el7_5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "python-0:2.7.5-69.el7_5.ppc64", "product": { "name": "python-0:2.7.5-69.el7_5.ppc64", "product_id": "python-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python@2.7.5-69.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.ppc64", "product": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64", "product_id": "python-libs-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "python-devel-0:2.7.5-69.el7_5.ppc64", "product": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64", "product_id": "python-devel-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-devel@2.7.5-69.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "python-debug-0:2.7.5-69.el7_5.ppc64", "product": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64", "product_id": "python-debug-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debug@2.7.5-69.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "python-tools-0:2.7.5-69.el7_5.ppc64", "product": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64", "product_id": "python-tools-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-tools@2.7.5-69.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "tkinter-0:2.7.5-69.el7_5.ppc64", "product": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64", "product_id": "tkinter-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tkinter@2.7.5-69.el7_5?arch=ppc64" } } }, { "category": "product_version", "name": "python-test-0:2.7.5-69.el7_5.ppc64", "product": { "name": "python-test-0:2.7.5-69.el7_5.ppc64", "product_id": "python-test-0:2.7.5-69.el7_5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-test@2.7.5-69.el7_5?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=ppc" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.ppc", "product": { "name": "python-libs-0:2.7.5-69.el7_5.ppc", "product_id": "python-libs-0:2.7.5-69.el7_5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "python-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "python-0:2.7.5-69.el7_5.ppc64le", "product_id": "python-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python@2.7.5-69.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le", "product_id": "python-libs-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "python-devel-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le", "product_id": "python-devel-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-devel@2.7.5-69.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "python-debug-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le", "product_id": "python-debug-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debug@2.7.5-69.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "python-tools-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le", "product_id": "python-tools-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-tools@2.7.5-69.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "tkinter-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le", "product_id": "tkinter-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/tkinter@2.7.5-69.el7_5?arch=ppc64le" } } }, { "category": "product_version", "name": "python-test-0:2.7.5-69.el7_5.ppc64le", "product": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le", "product_id": "python-test-0:2.7.5-69.el7_5.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-test@2.7.5-69.el7_5?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "python-0:2.7.5-69.el7_5.aarch64", "product": { "name": "python-0:2.7.5-69.el7_5.aarch64", "product_id": "python-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python@2.7.5-69.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "product": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "product_id": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debuginfo@2.7.5-69.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "python-libs-0:2.7.5-69.el7_5.aarch64", "product": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64", "product_id": "python-libs-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-libs@2.7.5-69.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "python-devel-0:2.7.5-69.el7_5.aarch64", "product": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64", "product_id": "python-devel-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-devel@2.7.5-69.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "python-debug-0:2.7.5-69.el7_5.aarch64", "product": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64", "product_id": "python-debug-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-debug@2.7.5-69.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "python-tools-0:2.7.5-69.el7_5.aarch64", "product": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64", "product_id": "python-tools-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-tools@2.7.5-69.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "tkinter-0:2.7.5-69.el7_5.aarch64", "product": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64", "product_id": "tkinter-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tkinter@2.7.5-69.el7_5?arch=aarch64" } } }, { "category": "product_version", "name": "python-test-0:2.7.5-69.el7_5.aarch64", "product": { "name": "python-test-0:2.7.5-69.el7_5.aarch64", "product_id": "python-test-0:2.7.5-69.el7_5.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-test@2.7.5-69.el7_5?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Client-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Server-optional-Alt-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.src" }, "product_reference": "python-0:2.7.5-69.el7_5.src", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debug-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debug-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-debuginfo-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-debuginfo-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-devel-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-devel-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.i686", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-libs-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-libs-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-test-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-test-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-test-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-test-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python-tools-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "python-tools-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.aarch64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.s390x", "relates_to_product_reference": "7Workstation-optional-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tkinter-0:2.7.5-69.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" }, "product_reference": "tkinter-0:2.7.5-69.el7_5.x86_64", "relates_to_product_reference": "7Workstation-optional-7.5.Z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2123" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "7Client-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Client-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Client-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Client-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7ComputeNode-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7ComputeNode-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Server-optional-Alt-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Server-optional-Alt-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.src", "7Workstation-optional-7.5.Z:python-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debug-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-debuginfo-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-devel-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.i686", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-libs-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-test-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:python-tools-0:2.7.5-69.el7_5.x86_64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.aarch64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.ppc64le", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.s390x", "7Workstation-optional-7.5.Z:tkinter-0:2.7.5-69.el7_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" } ] }
rhsa-2020_0451
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 3.11.170 is now available with\nupdates to packages and images that fix several bugs.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0451", "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_0451.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 3.11 security update", "tracking": { "current_release_date": "2024-09-13T11:35:08+00:00", "generator": { "date": "2024-09-13T11:35:08+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2020:0451", "initial_release_date": "2020-02-19T20:13:45+00:00", "revision_history": [ { "date": "2020-02-19T20:13:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-02-19T20:13:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:35:08+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 3.11", "product": { "name": "Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:3.11::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64", "product": { "name": "openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64", "product_id": "openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64", "product_identification_helper": { "purl": "pkg:oci/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/oauth-proxy\u0026tag=v3.11.170-5" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "product": { "name": "openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "product_id": "openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/oauth-proxy\u0026tag=v3.11.170-5" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le" }, "product_reference": "openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64" }, "product_reference": "openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:876837ef69aa0e89497b1e22df4bfea76bf32cfa21a537d57dc5818a203e686e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:da75a08e875f76a58028715f402da670f5849317f354ace0e64702acd86b21ae_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" } ] }
rhsa-2017_0336
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP1.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:0336", "url": "https://access.redhat.com/errata/RHSA-2017:0336" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/", "url": "https://developer.ibm.com/javasdk/support/security-vulnerabilities/" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "1413562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562" }, { "category": "external", "summary": "1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "1413764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764" }, { "category": "external", "summary": "1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_0336.json" } ], "title": "Red Hat Security Advisory: java-1.7.1-ibm security update", "tracking": { "current_release_date": "2024-09-13T11:58:28+00:00", "generator": { "date": "2024-09-13T11:58:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:0336", "initial_release_date": "2017-02-28T08:19:38+00:00", "revision_history": [ { "date": "2017-02-28T08:19:38+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-02-28T08:19:38+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:58:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.1-1jpp.1.el6_8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.2.el7?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.1-1jpp.1.el6_8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.2.el7?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.2.el7?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.1.el6_8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.2.el7?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.1.el6_8?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.2.el7?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.2.el7?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.2.el7?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.2.el7?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "product": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.1-1jpp.2.el7?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.2.el7?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_id": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.1-1jpp.2.el7?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.8.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)", "product_id": "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Client-7.3.Z-Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)", "product_id": "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7ComputeNode-7.3.Z-ComputeNode" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)", "product_id": "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Server-7.3.Z-Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)", "product_id": "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" }, "product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "relates_to_product_reference": "7Workstation-7.3.Z-Workstation" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2016-5546", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413911" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5546" }, { "category": "external", "summary": "RHBZ#1413911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5546", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5546" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)" }, { "cve": "CVE-2016-5547", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413764" } ], "notes": [ { "category": "description", "text": "It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5547" }, { "category": "external", "summary": "RHBZ#1413764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5547", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)" }, { "cve": "CVE-2016-5548", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413920" } ], "notes": [ { "category": "description", "text": "A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5548" }, { "category": "external", "summary": "RHBZ#1413920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5548", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)" }, { "cve": "CVE-2016-5549", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413923" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5549" }, { "category": "external", "summary": "RHBZ#1413923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5549", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5549" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)" }, { "cve": "CVE-2016-5552", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413882" } ], "notes": [ { "category": "description", "text": "It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5552" }, { "category": "external", "summary": "RHBZ#1413882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5552", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5552" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)" }, { "cve": "CVE-2017-3231", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413717" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3231" }, { "category": "external", "summary": "RHBZ#1413717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3231", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3231" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)" }, { "cve": "CVE-2017-3241", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413955" } ], "notes": [ { "category": "description", "text": "It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3241" }, { "category": "external", "summary": "RHBZ#1413955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3241", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3241" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)" }, { "cve": "CVE-2017-3252", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413906" } ], "notes": [ { "category": "description", "text": "It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3252" }, { "category": "external", "summary": "RHBZ#1413906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3252", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3252" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)" }, { "cve": "CVE-2017-3253", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413583" } ], "notes": [ { "category": "description", "text": "It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3253" }, { "category": "external", "summary": "RHBZ#1413583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3253", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3253" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)" }, { "cve": "CVE-2017-3259", "discovery_date": "2017-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1414163" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3259" }, { "category": "external", "summary": "RHBZ#1414163", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3259", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3259" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)" }, { "cve": "CVE-2017-3261", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413653" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3261" }, { "category": "external", "summary": "RHBZ#1413653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3261", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3261" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)" }, { "cve": "CVE-2017-3272", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413554" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3272" }, { "category": "external", "summary": "RHBZ#1413554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3272", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3272" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)" }, { "cve": "CVE-2017-3289", "discovery_date": "2017-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1413562" } ], "notes": [ { "category": "description", "text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure class construction (Hotspot, 8167104)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-3289" }, { "category": "external", "summary": "RHBZ#1413562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3289", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3289" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289" } ], "release_date": "2017-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "product_ids": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:0336" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Client-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6ComputeNode-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Server-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.i686", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.ppc64", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.s390x", "6Workstation-Supplementary-6.8.z:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.1.el6_8.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Client-7.3.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Client-7.3.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7ComputeNode-7.3.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Server-7.3.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Server-7.3.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.i686", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.ppc", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.1-1jpp.2.el7.x86_64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.ppc64le", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.s390x", "7Workstation-7.3.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.1-1jpp.2.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insecure class construction (Hotspot, 8167104)" } ] }
rhba-2019_2581
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 3.11.141 is now available with\nupdates to packages and images that fix several bugs and add enhancements.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 3.11.z. See the following advisory for the RPM packages for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2019:2580\n\nThis update contains the following images: \n\nopenshift3/ose-ansible:v3.11.141-2\nopenshift3/ose-descheduler:v3.11.141-2\nopenshift3/ose-node-problem-detector:v3.11.141-2\nopenshift3/ose-cluster-monitoring-operator:v3.11.141-2\nopenshift3/csi-attacher:v3.11.141-2\nopenshift3/csi-livenessprobe:v3.11.141-2\nopenshift3/ose-efs-provisioner:v3.11.141-2\nopenshift3/prometheus-alertmanager:v3.11.141-2\nopenshift3/prometheus:v3.11.141-2\nopenshift3/jenkins-agent-maven-35-rhel7:v3.11.141-3\nopenshift3/jenkins-slave-base-rhel7:v3.11.141-2\nopenshift3/jenkins-slave-nodejs-rhel7:v3.11.141-2\nopenshift3/ose-kube-state-metrics:v3.11.141-2\nopenshift3/ose-logging-elasticsearch5:v3.11.141-2\nopenshift3/logging-fluentd:v3.11.141-2\nopenshift3/metrics-cassandra:v3.11.141-3\nopenshift3/metrics-hawkular-openshift-agent:v3.11.141-2\nopenshift3/metrics-schema-installer:v3.11.141-2\nopenshift3/apb-tools:v3.11.141-2\nopenshift3/ose-docker-builder:v3.11.141-2\nopenshift3/ose-cluster-capacity:v3.11.141-2\nopenshift3/ose:v3.11.141-3\nopenshift3/ose-egress-dns-proxy:v3.11.141-2\nopenshift3/ose-haproxy-router:v3.11.141-2\nopenshift3/ose-hypershift:v3.11.141-2\nopenshift3/mariadb-apb:v3.11.141-2\nopenshift3/mediawiki:v3.11.141-3\nopenshift3/node:v3.11.141-3\nopenshift3/postgresql-apb:v3.11.141-2\nopenshift3/ose-docker-registry:v3.11.141-2\nopenshift3/ose-tests:v3.11.141-2\nopenshift3/local-storage-provisioner:v3.11.141-2\nopenshift3/ose-operator-lifecycle-manager:v3.11.141-2\nopenshift3/ose-egress-http-proxy:v3.11.141-2\nopenshift3/ose-prometheus-config-reloader:v3.11.141-2\nopenshift3/registry-console:v3.11.141-2\nopenshift3/snapshot-provisioner:v3.11.141-2\nopenshift3/ose-cluster-autoscaler:v3.11.141-2\nopenshift3/ose-metrics-server:v3.11.141-2\nopenshift3/automation-broker-apb:v3.11.141-2\nopenshift3/ose-configmap-reloader:v3.11.141-2\nopenshift3/csi-driver-registrar:v3.11.141-2\nopenshift3/csi-provisioner:v3.11.141-2\nopenshift3/oauth-proxy:v3.11.141-1\nopenshift3/prometheus-node-exporter:v3.11.141-2\nopenshift3/grafana:v3.11.141-2\nopenshift3/jenkins-agent-nodejs-8-rhel7:v3.11.141-2\nopenshift3/jenkins-slave-maven-rhel7:v3.11.141-2\nopenshift3/ose-kube-rbac-proxy:v3.11.141-2\nopenshift3/ose-logging-curator5:v3.11.141-2\nopenshift3/ose-logging-eventrouter:v3.11.141-2\nopenshift3/ose-logging-kibana5:v3.11.141-2\nopenshift3/metrics-hawkular-metrics:v3.11.141-3\nopenshift3/metrics-heapster:v3.11.141-2\nopenshift3/apb-base:v3.11.141-2\nopenshift3/ose-ansible-service-broker:v3.11.141-2\nopenshift3/ose-cli:v3.11.141-2\nopenshift3/ose-console:v3.11.141-2\nopenshift3/ose-deployer:v3.11.141-2\nopenshift3/ose-egress-router:v3.11.141-2\nopenshift3/ose-hyperkube:v3.11.141-2\nopenshift3/ose-keepalived-ipfailover:v3.11.141-2\nopenshift3/mediawiki-apb:v3.11.141-2\nopenshift3/mysql-apb:v3.11.141-2\nopenshift3/ose-pod:v3.11.141-2\nopenshift3/ose-recycler:v3.11.141-2\nopenshift3/ose-service-catalog:v3.11.141-2\nopenshift3/jenkins-2-rhel7:v3.11.141-3\nopenshift3/manila-provisioner:v3.11.141-2\nopenshift3/ose-web-console:v3.11.141-2\nopenshift3/ose-ovn-kubernetes:v3.11.141-2\nopenshift3/ose-prometheus-operator:v3.11.141-2\nopenshift3/snapshot-controller:v3.11.141-2\nopenshift3/ose-template-service-broker:v3.11.141-2\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2019:2581", "url": "https://access.redhat.com/errata/RHBA-2019:2581" }, { "category": "external", "summary": "1745410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1745410" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2019/rhba-2019_2581.json" } ], "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 images update", "tracking": { "current_release_date": "2024-09-13T11:31:42+00:00", "generator": { "date": "2024-09-13T11:31:42+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHBA-2019:2581", "initial_release_date": "2019-09-03T17:12:22+00:00", "revision_history": [ { "date": "2019-09-03T17:12:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-09-03T17:12:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T11:31:42+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 3.11", "product": { "name": "Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:3.11::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "product": { "name": "openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "product_id": "openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-ansible\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "product": { "name": "openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "product_id": "openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-cluster-autoscaler\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "product": { "name": "openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "product_id": "openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-descheduler\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "product": { "name": "openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "product_id": "openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-server\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "product": { "name": "openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "product_id": "openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-node-problem-detector\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "product": { "name": "openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "product_id": "openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "product_identification_helper": { "purl": "pkg:oci/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/automation-broker-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "product": { "name": "openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "product_id": "openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-cluster-monitoring-operator\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "product": { "name": "openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "product_id": "openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-configmap-reloader\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "product": { "name": "openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "product_id": "openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "product_identification_helper": { "purl": "pkg:oci/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/csi-attacher\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "product": { "name": "openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "product_id": "openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "product_identification_helper": { "purl": "pkg:oci/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/csi-driver-registrar\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "product": { "name": "openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "product_id": "openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "product_identification_helper": { "purl": "pkg:oci/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/csi-livenessprobe\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "product": { "name": "openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "product_id": "openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "product_identification_helper": { "purl": "pkg:oci/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/csi-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "product": { "name": "openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "product_id": "openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-efs-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "product": { "name": "openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "product_id": "openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "product_identification_helper": { "purl": "pkg:oci/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/oauth-proxy\u0026tag=v3.11.141-1" } } }, { "category": "product_version", "name": "openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "product": { "name": "openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "product_id": "openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/prometheus-alertmanager\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "product": { "name": "openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "product_id": "openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/prometheus-node-exporter\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "product": { "name": "openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "product_id": "openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/prometheus\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "product": { "name": "openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "product_id": "openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/grafana\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "product": { "name": "openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "product_id": "openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "product_identification_helper": { "purl": "pkg:oci/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/jenkins-slave-base-rhel7\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "product": { "name": "openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "product_id": "openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "product_identification_helper": { "purl": "pkg:oci/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/jenkins-slave-maven-rhel7\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "product": { "name": "openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "product_id": "openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "product_identification_helper": { "purl": "pkg:oci/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/jenkins-slave-nodejs-rhel7\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "product": { "name": "openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "product_id": "openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-kube-rbac-proxy\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "product": { "name": "openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "product_id": "openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-kube-state-metrics\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "product": { "name": "openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "product_id": "openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-curator5\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "product": { "name": "openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "product_id": "openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-elasticsearch5\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "product": { "name": "openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "product_id": "openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-eventrouter\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "product": { "name": "openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "product_id": "openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/logging-fluentd\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "product": { "name": "openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "product_id": "openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-fluentd\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "product": { "name": "openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "product_id": "openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-kibana5\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "product": { "name": "openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "product_id": "openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-cassandra\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "product": { "name": "openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "product_id": "openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/metrics-cassandra\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "product": { "name": "openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "product_id": "openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-hawkular-metrics\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "product": { "name": "openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "product_id": "openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/metrics-hawkular-metrics\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "product": { "name": "openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "product_id": "openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/metrics-hawkular-openshift-agent\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "product": { "name": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "product_id": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-hawkular-openshift-agent\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "product": { "name": "openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "product_id": "openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/metrics-heapster\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "product": { "name": "openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "product_id": "openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-heapster\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "product": { "name": "openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "product_id": "openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/metrics-schema-installer\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "product": { "name": "openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "product_id": "openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-schema-installer\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "product": { "name": "openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "product_id": "openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "product_identification_helper": { "purl": "pkg:oci/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/apb-base\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "product": { "name": "openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "product_id": "openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "product_identification_helper": { "purl": "pkg:oci/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/apb-tools\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "product": { "name": "openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "product_id": "openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-ansible-service-broker\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "product": { "name": "openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "product_id": "openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-docker-builder\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "product": { "name": "openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "product_id": "openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-cli\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "product": { "name": "openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "product_id": "openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-cluster-capacity\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "product": { "name": "openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "product_id": "openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-console\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "product": { "name": "openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "product_id": "openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "product_identification_helper": { "purl": "pkg:oci/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "product": { "name": "openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "product_id": "openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-control-plane\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "product": { "name": "openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "product_id": "openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-deployer\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "product": { "name": "openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "product_id": "openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-egress-dns-proxy\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "product": { "name": "openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "product_id": "openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-egress-router\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "product": { "name": "openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "product_id": "openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-haproxy-router\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "product": { "name": "openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "product_id": "openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-hyperkube\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "product": { "name": "openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "product_id": "openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-hypershift\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "product": { "name": "openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "product_id": "openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-keepalived-ipfailover\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "product": { "name": "openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "product_id": "openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "product_identification_helper": { "purl": "pkg:oci/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/mariadb-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "product": { "name": "openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "product_id": "openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "product_identification_helper": { "purl": "pkg:oci/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/mediawiki-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "product": { "name": "openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "product_id": "openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "product_identification_helper": { "purl": "pkg:oci/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/mediawiki\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "product": { "name": "openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "product_id": "openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "product_identification_helper": { "purl": "pkg:oci/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/mysql-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "product": { "name": "openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "product_id": "openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-node\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "product": { "name": "openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "product_id": "openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "product_identification_helper": { "purl": "pkg:oci/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/node\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "product": { "name": "openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "product_id": "openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-pod\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "product": { "name": "openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "product_id": "openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "product_identification_helper": { "purl": "pkg:oci/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/postgresql-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "product": { "name": "openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "product_id": "openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-recycler\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "product": { "name": "openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "product_id": "openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-docker-registry\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "product": { "name": "openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "product_id": "openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-service-catalog\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "product": { "name": "openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "product_id": "openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-tests\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "product": { "name": "openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "product_id": "openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "product_identification_helper": { "purl": "pkg:oci/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/local-storage-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "product": { "name": "openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "product_id": "openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "product_identification_helper": { "purl": "pkg:oci/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/manila-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "product": { "name": "openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "product_id": "openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-operator-lifecycle-manager\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "product": { "name": "openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "product_id": "openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-web-console\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "product": { "name": "openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "product_id": "openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-egress-http-proxy\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "product": { "name": "openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "product_id": "openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-ovn-kubernetes\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "product": { "name": "openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "product_id": "openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-prometheus-config-reloader\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "product": { "name": "openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "product_id": "openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-prometheus-operator\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "product": { "name": "openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "product_id": "openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "product_identification_helper": { "purl": "pkg:oci/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/registry-console\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "product": { "name": "openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "product_id": "openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "product_identification_helper": { "purl": "pkg:oci/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/snapshot-controller\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64", "product": { "name": "openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64", "product_id": "openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64", "product_identification_helper": { "purl": "pkg:oci/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/snapshot-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "product": { "name": "openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "product_id": "openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "product_identification_helper": { "purl": "pkg:oci/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-template-service-broker\u0026tag=v3.11.141-2" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "product": { "name": "openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "product_id": "openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-ansible\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "product": { "name": "openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "product_id": "openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-cluster-autoscaler\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "product": { "name": "openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "product_id": "openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-descheduler\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "product": { "name": "openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "product_id": "openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-server\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "product": { "name": "openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "product_id": "openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-node-problem-detector\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "product": { "name": "openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "product_id": "openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "product_identification_helper": { "purl": "pkg:oci/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/automation-broker-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "product": { "name": "openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "product_id": "openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-cluster-monitoring-operator\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "product": { "name": "openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "product_id": "openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-configmap-reloader\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "product": { "name": "openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "product_id": "openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/csi-attacher\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "product": { "name": "openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "product_id": "openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/csi-driver-registrar\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "product": { "name": "openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "product_id": "openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "product_identification_helper": { "purl": "pkg:oci/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/csi-livenessprobe\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "product": { "name": "openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "product_id": "openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "product_identification_helper": { "purl": "pkg:oci/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/csi-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "product": { "name": "openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "product_id": "openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/oauth-proxy\u0026tag=v3.11.141-1" } } }, { "category": "product_version", "name": "openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "product": { "name": "openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "product_id": "openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/prometheus-alertmanager\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "product": { "name": "openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "product_id": "openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/prometheus-node-exporter\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "product": { "name": "openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "product_id": "openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/prometheus\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "product": { "name": "openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "product_id": "openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/grafana\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "product": { "name": "openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "product_id": "openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/jenkins-slave-base-rhel7\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "product": { "name": "openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "product_id": "openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-kube-rbac-proxy\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "product": { "name": "openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "product_id": "openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-kube-state-metrics\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "product": { "name": "openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "product_id": "openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-logging-curator5\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "product": { "name": "openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "product_id": "openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-logging-elasticsearch5\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "product": { "name": "openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "product_id": "openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-logging-eventrouter\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "product": { "name": "openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "product_id": "openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/logging-fluentd\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "product": { "name": "openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "product_id": "openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-logging-fluentd\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "product": { "name": "openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "product_id": "openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-logging-kibana5\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "product": { "name": "openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "product_id": "openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-cassandra\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "product": { "name": "openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "product_id": "openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/metrics-cassandra\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "product": { "name": "openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "product_id": "openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/metrics-hawkular-openshift-agent\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "product": { "name": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "product_id": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-hawkular-openshift-agent\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "product": { "name": "openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "product_id": "openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/metrics-heapster\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "product": { "name": "openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "product_id": "openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-heapster\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "product": { "name": "openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "product_id": "openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/metrics-schema-installer\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "product": { "name": "openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "product_id": "openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-metrics-schema-installer\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "product": { "name": "openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "product_id": "openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/apb-base\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "product": { "name": "openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "product_id": "openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/apb-tools\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "product": { "name": "openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "product_id": "openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-ansible-service-broker\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "product": { "name": "openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "product_id": "openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-docker-builder\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "product": { "name": "openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "product_id": "openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-cli\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "product": { "name": "openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "product_id": "openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-cluster-capacity\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "product": { "name": "openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "product_id": "openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-console\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "product": { "name": "openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "product_id": "openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "product": { "name": "openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "product_id": "openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-control-plane\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "product": { "name": "openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "product_id": "openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-deployer\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "product": { "name": "openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "product_id": "openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-egress-dns-proxy\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "product": { "name": "openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "product_id": "openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-egress-router\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "product": { "name": "openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "product_id": "openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-haproxy-router\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "product": { "name": "openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "product_id": "openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-hyperkube\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "product": { "name": "openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "product_id": "openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-hypershift\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "product": { "name": "openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "product_id": "openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-keepalived-ipfailover\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "product": { "name": "openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "product_id": "openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/mariadb-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "product": { "name": "openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "product_id": "openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/mediawiki-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "product": { "name": "openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "product_id": "openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/mediawiki\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "product": { "name": "openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "product_id": "openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/mysql-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "product": { "name": "openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "product_id": "openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-node\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "product": { "name": "openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "product_id": "openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/node\u0026tag=v3.11.141-3" } } }, { "category": "product_version", "name": "openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "product": { "name": "openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "product_id": "openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-pod\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "product": { "name": "openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "product_id": "openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "product_identification_helper": { "purl": "pkg:oci/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/postgresql-apb\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "product": { "name": "openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "product_id": "openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-recycler\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "product": { "name": "openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "product_id": "openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-docker-registry\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "product": { "name": "openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "product_id": "openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-service-catalog\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "product": { "name": "openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "product_id": "openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-tests\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "product": { "name": "openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "product_id": "openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "product_identification_helper": { "purl": "pkg:oci/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/local-storage-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "product": { "name": "openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "product_id": "openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/manila-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "product": { "name": "openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "product_id": "openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-operator-lifecycle-manager\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "product": { "name": "openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "product_id": "openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-web-console\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "product": { "name": "openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "product_id": "openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-egress-http-proxy\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "product": { "name": "openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "product_id": "openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-ovn-kubernetes\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "product": { "name": "openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "product_id": "openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-prometheus-config-reloader\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "product": { "name": "openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "product_id": "openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-prometheus-operator\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "product": { "name": "openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "product_id": "openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/registry-console\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "product": { "name": "openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "product_id": "openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "product_identification_helper": { "purl": "pkg:oci/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/snapshot-controller\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "product": { "name": "openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "product_id": "openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/snapshot-provisioner\u0026tag=v3.11.141-2" } } }, { "category": "product_version", "name": "openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "product": { "name": "openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "product_id": "openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-template-service-broker\u0026tag=v3.11.141-2" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le" }, "product_reference": "openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64" }, "product_reference": "openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64" }, "product_reference": "openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le" }, "product_reference": "openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64" }, "product_reference": "openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le" }, "product_reference": "openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64" }, "product_reference": "openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le" }, "product_reference": "openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64" }, "product_reference": "openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le" }, "product_reference": "openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le" }, "product_reference": "openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64" }, "product_reference": "openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64" }, "product_reference": "openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le" }, "product_reference": "openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64" }, "product_reference": "openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le" }, "product_reference": "openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le" }, "product_reference": "openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64" }, "product_reference": "openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64" }, "product_reference": "openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64" }, "product_reference": "openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le" }, "product_reference": "openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64" }, "product_reference": "openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le" }, "product_reference": "openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64" }, "product_reference": "openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64" }, "product_reference": "openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le" }, "product_reference": "openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64" }, "product_reference": "openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le" }, "product_reference": "openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64" }, "product_reference": "openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le" }, "product_reference": "openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64" }, "product_reference": "openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le" }, "product_reference": "openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64" }, "product_reference": "openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le" }, "product_reference": "openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64" }, "product_reference": "openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le" }, "product_reference": "openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64" }, "product_reference": "openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le" }, "product_reference": "openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64" }, "product_reference": "openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le" }, "product_reference": "openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64" }, "product_reference": "openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le" }, "product_reference": "openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64" }, "product_reference": "openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64" }, "product_reference": "openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le" }, "product_reference": "openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le" }, "product_reference": "openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64" }, "product_reference": "openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64" }, "product_reference": "openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le" }, "product_reference": "openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64" }, "product_reference": "openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le" }, "product_reference": "openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64" }, "product_reference": "openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le" }, "product_reference": "openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64" }, "product_reference": "openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le" }, "product_reference": "openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64" }, "product_reference": "openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le" }, "product_reference": "openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64" }, "product_reference": "openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le" }, "product_reference": "openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64" }, "product_reference": "openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le" }, "product_reference": "openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64" }, "product_reference": "openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le" }, "product_reference": "openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64" }, "product_reference": "openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le" }, "product_reference": "openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64" }, "product_reference": "openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le" }, "product_reference": "openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64" }, "product_reference": "openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le" }, "product_reference": "openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le" }, "product_reference": "openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64" }, "product_reference": "openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64" }, "product_reference": "openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le" }, "product_reference": "openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64" }, "product_reference": "openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64" }, "product_reference": "openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le" }, "product_reference": "openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le" }, "product_reference": "openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64" }, "product_reference": "openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64" }, "product_reference": "openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le" }, "product_reference": "openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64" }, "product_reference": "openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le" }, "product_reference": "openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64" }, "product_reference": "openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le" }, "product_reference": "openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le" }, "product_reference": "openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64" }, "product_reference": "openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64" }, "product_reference": "openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le" }, "product_reference": "openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le" }, "product_reference": "openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64" }, "product_reference": "openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le" }, "product_reference": "openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64" }, "product_reference": "openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64" }, "product_reference": "openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le" }, "product_reference": "openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le" }, "product_reference": "openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64" }, "product_reference": "openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64" }, "product_reference": "openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le" }, "product_reference": "openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le" }, "product_reference": "openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64" }, "product_reference": "openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64" }, "product_reference": "openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le" }, "product_reference": "openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64" }, "product_reference": "openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le" }, "product_reference": "openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64" }, "product_reference": "openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le" }, "product_reference": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64" }, "product_reference": "openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le" }, "product_reference": "openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64" }, "product_reference": "openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le" }, "product_reference": "openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64" }, "product_reference": "openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le" }, "product_reference": "openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64" }, "product_reference": "openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64" }, "product_reference": "openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le" }, "product_reference": "openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64" }, "product_reference": "openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le" }, "product_reference": "openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le" }, "product_reference": "openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64" }, "product_reference": "openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64" }, "product_reference": "openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le" }, "product_reference": "openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64" }, "product_reference": "openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le" }, "product_reference": "openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64" }, "product_reference": "openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le" }, "product_reference": "openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le" }, "product_reference": "openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64" }, "product_reference": "openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le" }, "product_reference": "openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64" }, "product_reference": "openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le" }, "product_reference": "openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64" }, "product_reference": "openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le" }, "product_reference": "openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64" }, "product_reference": "openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le" }, "product_reference": "openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64" }, "product_reference": "openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64" }, "product_reference": "openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le" }, "product_reference": "openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64" }, "product_reference": "openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le" }, "product_reference": "openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64" }, "product_reference": "openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le" }, "product_reference": "openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64" }, "product_reference": "openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le" }, "product_reference": "openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64" }, "product_reference": "openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le" }, "product_reference": "openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le" }, "product_reference": "openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64" }, "product_reference": "openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64" }, "product_reference": "openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le" }, "product_reference": "openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le" }, "product_reference": "openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64" }, "product_reference": "openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le" }, "product_reference": "openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64" }, "product_reference": "openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.141, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:2581" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:763cc3daeb5d74f01fc4f0ae901f602a9e38204f3249386950ba1595b3f5db4a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/apb-base@sha256:e552aab7947ceb3742f3edb0649222dab417fd94224926fcf6535efea3a49eab_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:16b6f591ef4b12426de75783812a183539dbfa610da1797491d381aaa16d6c10_amd64", "7Server-RH7-RHOSE-3.11:openshift3/apb-tools@sha256:fed26de0a6f33af0a7475e0eabfebb47aae5deb9e8e174b8442bf993edc3b82a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:74927207b9b2e8096c25a0bdd4970eff6b74308d490080b6a02f65a744b52df8_amd64", "7Server-RH7-RHOSE-3.11:openshift3/automation-broker-apb@sha256:a4aad2f41791ab0223c36ce9f1b353d45fc33104930d9dcf5e711df977c1e641_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:854e60e8d6fc1ab8004bb6c0320df575a0e619ce0c57369817154d409019f7aa_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-attacher@sha256:915953e86be37116879247233530e9f8d21db28c51f516bbc704bd5bd3d1bfd2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:7388276b383db3b45c1fbdb4ec3266e41a566a8c612af37c8bfc3b63ae1ac556_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-driver-registrar@sha256:f5ed23b537bd38c78a69cdc15fbfc8757dc1d93e4ec60c8e2e4b2c21177ed7e0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:54724010d09ab5f14051e9f73f3d22bcd16cd2a0b4ddf79353f31fbe751e3192_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/csi-livenessprobe@sha256:800322bdfb2cf59aa0099a4ed4eac0e09b8b136ac4a12f1f07b0335fa69aa4d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:dda66e90ccc82eb56702147799e16ee5f0cf4e2076521440af21dd4f681de260_amd64", "7Server-RH7-RHOSE-3.11:openshift3/csi-provisioner@sha256:ee3c5a4f3dd01f0d977ea1d7af3426484ae4e75a64c5ad07ad06580b47389a23_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:502454641e5489c8552d1d8764f0533dc0accc1dc16a10a09347eb4f633fa51a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/grafana@sha256:7440599d2b5acd01667c7c00d7b8eaad3cf6877ba079a6215ab0b5e19dba76f7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:0b0f03bbc5cdc30b870e53f4490ad445befb136fe86eae79386be6ebb2e3ac6e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-base-rhel7@sha256:ffb1de34e6b5bdae5a144265f3de3617e7bff9ac1452189a6bbcc23adb987382_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-maven-rhel7@sha256:b98c1828d539b2309638d4cb0f3b08afbcf579af3d0dff6e5fc5abacd235b062_amd64", "7Server-RH7-RHOSE-3.11:openshift3/jenkins-slave-nodejs-rhel7@sha256:46b8a985339d1d1dda1d44aa9c5bc45a06582e705ddf8fb3191394b5e502c056_amd64", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:64567f985077b0e5ce3e12e9f43e5d4c434cbf3c93e02c3c9a2996c7b1121878_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/local-storage-provisioner@sha256:887b76eb8a94af76e9c17d261881c48fd3eb3c48e000cab4c617e46b10d44e7a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:45450e8d0d57dad13598a88b0f48d4c1ccb4314a0945729b22d3623cae85e954_amd64", "7Server-RH7-RHOSE-3.11:openshift3/manila-provisioner@sha256:e22b20f538e6f322998bf7436c60b0171d9fbada1d04c404b8b7252e2e1603cc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:0611c8cb9009c7de8f5c285f42b224109b7a54d5b674f61cb456890a912c9bc1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mariadb-apb@sha256:98fd26d9468f1532bea988ddd1be7cc924b1d2f30c8275947450cef7cb8a21ce_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:3434e58781a78e47a8695a23c3d21c50b3292a3451e680bd0608d434089f7777_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki-apb@sha256:d369b64a003eb3195de1a1b6c98bc88b931139ad65ab882009b9190d3bd048f5_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:742bb2a876c5246d9a3355146b61a06171452e0b5d2854ce6b0cf4bd269ea59f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mediawiki@sha256:cdf96ce8e717292735a6878adb38ef659538d0d236b0c8377eb75156383fc612_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:299169d8878ea82187652e6039918684ad94b7c0df20f80095f50ca15c5fbdff_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/mysql-apb@sha256:fc373eec92b76ea9b54985ce3d74436f011d703b3dbbacbdbd4a721abd282f6f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:0a54aff40d134575d4bf39ca74b364bc34a6a3d1bfaebf63bbd70368cc422375_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/oauth-proxy@sha256:972b04574615061ac261a3e28f22812f775b7aa70226da7f05a10191e374a41a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:0b6b069a7d68d34d6056f7067ee0b1ebbcc138ca23fc131e91dec7f1ac593521_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible-service-broker@sha256:46de44b99bf79215f94481dec58052784b460b816b3e03a4a52574b61ee03e8e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:bce473a8fc6494318dd48ab9e490bae73b4fc7bf456ce87f2e42c0b32d565363_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ansible@sha256:d63c2ef42baf2517d2b0aa14568d0974ac931c325a24116f25eb506653ba8295_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:12468fe418ea26ba21a342ef372b8856c963c65d2d6edb14fe49cebc4c8cc393_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cli@sha256:a51d8da60af7b955043cb55054e089de8f626d9168a3793f8d8c1ea7c319235e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:67f3e573395b921b4da67f8f8699c9dd2642859393f9c3857794819d7f94d765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-autoscaler@sha256:6df85551a637d56d86d5dc1aa4607971c9aadd24f906c409d2f36c03ff3ff9f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:4e0334dbe8d59b2126320885c8c3ada29030d595edc06169d2e219d5c4c70015_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-capacity@sha256:92ae1175d9c5bb766256f76ddc0dc7c6daba3f6cffd31d840deb82cb24f66286_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:886d8c9cfaaf1f29a721f97cd81f8444dac94a54fea5f5b70337be9203af378d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-cluster-monitoring-operator@sha256:92b84639d9299e13f388b3b48dd27a4b58c004a1e7f0757603efbff94d4827f8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:9452482e5deccc2e8f6720eb932866f5861753e61246f406d97c49658d2d05cc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-configmap-reloader@sha256:fd56cb2027a074f872c8ae801731f1fed9854cddd98874b4c9089969d910ccdf_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:3518fdd6ddd993ed1feb5ce4933c4fbaa2a00f52fdc033878a0424ea0767226c_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-console@sha256:cbe2968f424dadcc457d0b073a85cac64a94b860484738fe8f5f43ffd3121564_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-control-plane@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:0c44f99dee37e16aa31bf6fe8e6d5389229df84516f69fd32d64b06caf0a077e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-deployer@sha256:2770c5ff63e4dce7ea91c2d6cc795b8236e482cc07ec61e3ed873daafff41413_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:a1ea654b6bb03712d27d76b0f643b39f2a59475ffbdecb9d4e02a02cf7e78835_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-descheduler@sha256:aad55bb702d699e02e93b103c67227ffadd394da82e32806b9a72643a071da47_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:b44135431a2eda1ca40da3acf80ef1093a753a189b4b8469060f902c3469a6f2_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-builder@sha256:e1dd0f7c3f95fa847214b569f1bfa17124e7469b0042d3868a0126a3523264bf_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:2b73446a35678141ea59989f867110f0d4c07ac296201dd0b68a02f677ae408a_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-docker-registry@sha256:3c561e80747101dec581f8bcb0e979bfb10a432322bc8ffacaa0e5602250dd72_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-efs-provisioner@sha256:bd1bc0726a82a39db1adae3bd03b2dc40aee3f277db42a1f7cf135012e94348e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:08f9a4ecde5ce726f43cd4de90d657e8a0ad4e3c150c0e8487e15fa4017f8f1f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-dns-proxy@sha256:0aa6d4341a93d6be4964c24b933041357f8e84ea89eea318917955faf5c2ef49_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1c57b9e3567fe4cac8d37243c8b8c6a3ffea609e0c421c35bea1c594e4dc956b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-http-proxy@sha256:1f5085a7c09a33dd3c000bb985af1ed6bbe36aecd108890ac3340a06ecce8799_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:55625ed80e5a06c1d4c0ecfad9b02ec8786ae3664496b017b840f096187e96e1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-egress-router@sha256:dc704c03ebff6c95a0473f400e75aad2f61f5c21c6e9118ced6ff4f504c3a33b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:03ee8def90b9c2fd8c52183ee16ecc4143d252421142875f9b3ebfb79a35e765_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-haproxy-router@sha256:07deef108cd4aee617a59656605d7c966dedf28eeee7ffe0843be56e5ce077c9_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:0bd945d55e15a305fc1c69a446c9e0c0acc7bd7dd88a38a4531deae1da3d83ca_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-hyperkube@sha256:75617155f039423e7ce8166cbf55405ac1b7349b24d628a443d92f2b0972bdad_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:08ffc52ccea1e13602764c1119502bdf56c502d8613e44bfc0ec77689bda7c51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-hypershift@sha256:95d4dc298a6749b53a6f9e3a1f4726910200e0ce551a47efdf8a316d6c7065f1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:e19093a73ed7cb370e3041928c50f9637fed9acaf9bc72f9ca91e49d60ff90d6_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-keepalived-ipfailover@sha256:f64aa6a87b545dde145ec19a6420545db605c4dfb014caeb710e85eb88e0233b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:95b4736997e113b9392786284b4fb1e9e87b0175c2c4969b0a20f51d30e97a76_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-rbac-proxy@sha256:eb0da4670838a10ba377ba3df6c9aa6e1863d6633af5ebd75dc3cec9e9aa7897_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:155126d83e7c1bd9f9b55c239565ce5a38c26a7ee7c46e768c99db09c6d75439_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-kube-state-metrics@sha256:726effd02df8a87735f75deddc05880a07319565df45e4d8b5f4acb366f11048_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:0e2491bb4968deca6d7fa62d8c2517d46a237bd1bd41ada1794a34592c65c1fe_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-curator5@sha256:e8c7cc24ae8066ba8b8dd866fcb8772974b91372fbb04ad3ceb0915607113be1_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:53371e2242b9f237273ef8fab8a167335a4c652d96e1f0c18296d3a9f3933219_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:ca6684fc43c6f87df75c4460ca6e919a37c353cdc460efb4a3df78825b0967ee_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:0cbc586af811550f5e674def7a52ee7178cd5b992eb4e87bd8ea766797ed7fdc_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-eventrouter@sha256:d999ecebf99a5d28c9b684137f1f04491e40b2a1537fc4406984c3febeb40135_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:7e84289264cb9208276fd21f6cc16cb685cfa45ca4681a7a17da43cb8e275359_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-fluentd@sha256:fe089baafe2523726dc129f6107f878fe0980df3c74ff6f275819045fda0f972_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:bc961ab7aa9b7c8e861f40887a23af44c8777c24eca3563708f5cb242dffc80e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-kibana5@sha256:d724440cbd2522847844a90c4cb9cf86ecf75253907369cf5328d947b03e6de8_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:289f63cd6ff4f5bdf411979a2bb85365733915ba302679efe455b0dd85432af1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-cassandra@sha256:8433fe5ef0358969945c392fc13035b8fb9b22f2000f80e71bcbf8b80c50e671_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-metrics@sha256:751cab1ad1c0994cd4fde8127c6c95d1f00ced9814e66ffbc98d55f9766bee17_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:241e0f9f0babaec3fff54e935a38b93cf4f80170bae1ba6b03086c0d188f07bc_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-hawkular-openshift-agent@sha256:c8ed0f9ddd2b1090521f60b8031a985b9f2bc98e2ea43ff64d0d119acdfdd310_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:09e2fbd1292303108bc22513a35d9b4ef69a54f92a0ad482749e6e8d10b51ef3_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-heapster@sha256:de9e055776e08ef5759e9901051b2fa929459788881b0021ace3d2fbcc2a8dc0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:22292281c5664ad742335a5f2eec938d44abd01abcce206ea8133d3e287a1fe7_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-schema-installer@sha256:f567ef170d6ac571a0b502211dd1588c299c64a42f886b8501a5c4b13e965726_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:03cf90a75482a0e09f924840afc05208209aba9438dd8add3306bfc7e99ea041_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-metrics-server@sha256:b188d6d36d913aa6d4d2b83ee2e6ab0c7ae394d9d078a9fb389958ac6ffd5254_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:41ef952a4ade68321dae2186cba7a0a3913b125f7aade46b26ffb56d17ddf4e0_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node-problem-detector@sha256:445c68516f4fc4583817e59a0977c8fcc8f3ebd60397a56b93ef800cd41e175f_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:5a74daf7ce7c31278339743b4af5efa2f3f7c2aa73af7ea6c7cd0e51edaee82b_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-node@sha256:848c5444d818200c952b9660c3384f773305bdd33ddaa57a98fb25b883cfca9d_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:6905b9589f982e35f7ff59da2453e0bbac3684727a927317e17db850d1f84374_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-operator-lifecycle-manager@sha256:b1ec65e2f4428863b21c62f360d058d052f751d55cf9b47f350d71c485d0dbd1_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:2affd84e4cdd152598cdf8566cf90ee8cbfc57ef932293e84c82f947537acf2e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-ovn-kubernetes@sha256:46d62a21532bb365bec6d182492e8b15681581df0059057a4fb72391c8022d2e_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:6d5839ea265076d96b622b6a1aac624a32980e5d2ff8e74d87bcf41b24f38af2_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-pod@sha256:eddd3f77fa3cacad66f41a154893d1e40c8d2b39864c344ac84a7479ff179b51_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:56941ffcd63421b2a9f4eefd0e92379615d5e0b17d57c1cd8e829683c8804de5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-config-reloader@sha256:dbe9b3eb376e3171c44e6edd4a3b9501460cf02ad1c7abf92188379f078177d4_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:a1c9890733a1c6e2ad09937ddb1fbaa93f22ef52eb5830203d49b9e295e279f0_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-prometheus-operator@sha256:bb09a6a7d46e3f450d7e5c79dc24ea1bb5ef6d439edeb5d67ad5aeeedef0d776_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:afe370d3e7bbf905aaa49b7ea70fc599b37b928a4f280c4fa1570364df80ac31_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-recycler@sha256:f4987204ca67904b9fa3a0751d67afa8027a764ffd5b83529e421553c9b47303_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:9a49c75bc750ae724f51696f4c0052325a3d379250d4973fca54e2f9562f1438_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-service-catalog@sha256:ecacfd24f1d48a19a26f3c990ed6e9a4a4cd75c738738c462da40b513ef1517e_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:45c412b61b4f36bbb9741901a2fdd8799c736fb1d4d752ba5104cc19b625bd81_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-template-service-broker@sha256:61c88ac8d3de1eb9d207fe23d9d8fea69a48679bffe17355d3b9cbb0583260ba_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:1aba6f3a603f073e8176293140a3ffe111fc7699ef0ba45382857e39f289bb25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose-tests@sha256:377a3bdc5580733382f80af86a929f31fe80cb5dadbfaad04ac23334df10da87_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:be7ebb72ff3f7a9f619b2d3825b529e90bbce34577b3151a70ef55bc39bd7b19_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose-web-console@sha256:de2e2745d5ca1152aa3ad88013e3cd5eddda1d771e97d105943bdeb42024d57a_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:0ae205a9737bfeae3321aa7941bfbf9296d10cbd93c5a6ff62abd06683b96352_amd64", "7Server-RH7-RHOSE-3.11:openshift3/ose@sha256:957c119cbf332f8a1fc9f46b1f94b79dfb4e87bec2677d17258354992e824215_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:2e3443ed86e388d4c6630152a47cfbd0d312763fa245781f1245854b0d0178d3_amd64", "7Server-RH7-RHOSE-3.11:openshift3/postgresql-apb@sha256:35e86667930dcb3082ef64b2496f92e597a703f120c221c2bdcc0911d7524e54_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:9b3bc898c8cf14b2b20c8e2b2a7f8bbca673d2f124746da08393ce3da9c6be76_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-alertmanager@sha256:b7012f7c7f0c4efc17ef1a953d05b9281c84f80bc58ab0bbaaa9ac12f60de55b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:2333060c4a428c009a8cf3d56e27ea77ee95420ed5830d311ae3db86d26704f5_amd64", "7Server-RH7-RHOSE-3.11:openshift3/prometheus-node-exporter@sha256:e75b6c6e818de085db24f56d4627b8452ce62efe36853ac54d06a1f4c59f822c_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:40c1decd5e406323773418594e57d079931af1940964d1ad696dd10d17cfb931_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/prometheus@sha256:e9a2b9f83efcb2393ae134e776dbac27bc71019270520a256bc33a43178e339d_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:58d0a5b8750f58c905e4e403d1c785d324666c33bcbafb50dc1772326ce5c86f_amd64", "7Server-RH7-RHOSE-3.11:openshift3/registry-console@sha256:d9cc22adbe09ba5162c9130b621fb5f2642f1ca6bf56e2224e926c002b81b06b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:67db41ada9b1f97a8bda559bb034792c94eea351d7d4ad683984416d23899d25_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-controller@sha256:939234f2a3389d11a44741f7aa035d3e02a27cb638b8d3ddd0de95a9df3c7911_amd64", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:81812db06e3240c9050f4ef2e7a43004fdf63cbbfd22b345d6969cc488f2e89b_ppc64le", "7Server-RH7-RHOSE-3.11:openshift3/snapshot-provisioner@sha256:b47bf75f0d5b78dae236ff71faeef2f1fc43b260a901fa1ffff7742b7c4d32df_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" } ] }
rhsa-2017_2710
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for JBoss Core Services on Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. (CVE-2015-3185)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2017:2710", "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/" }, { "category": "external", "summary": "1243888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888" }, { "category": "external", "summary": "1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "JBCS-329", "url": "https://issues.redhat.com/browse/JBCS-329" }, { "category": "external", "summary": "JBCS-337", "url": "https://issues.redhat.com/browse/JBCS-337" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_2710.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services security update", "tracking": { "current_release_date": "2024-09-13T16:48:58+00:00", "generator": { "date": "2024-09-13T16:48:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2017:2710", "initial_release_date": "2017-09-13T16:49:04+00:00", "revision_history": [ { "date": "2017-09-13T16:49:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2017-09-13T16:49:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-13T16:48:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-122.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-122.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-122.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-122.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-122.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-122.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-122.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-122.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-122.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-122.jbcs.el6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-14.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-122.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-122.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-122.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-122.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-122.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-122.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-122.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-122.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-122.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-122.jbcs.el6?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product_id": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-14.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "product_id": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-122.jbcs.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-122.jbcs.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-3185", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2015-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1243888" } ], "notes": [ { "category": "description", "text": "It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-3185" }, { "category": "external", "summary": "RHBZ#1243888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3185", "url": "https://www.cve.org/CVERecord?id=CVE-2015-3185" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185" }, { "category": "external", "summary": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16", "url": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16" } ], "release_date": "2015-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2710" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4" }, { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1369383" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenSSL security update RHSA-2016:1940 mitigates this issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.\n\nNSS addressed this issue by implementing limits on the amount of plain text which can be encrypted by using the same key. Once the limit is reached, the keys will need to be re-negotiated manually. This change will be available in nss-3.27.\n\nGnuTLS is not affected by this issue, since it prioritizes AES before 3DES in the cipher list.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "RHBZ#1369383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" } ], "release_date": "2016-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "category": "workaround", "details": "1.SSL/TLS configurations should prefer AES over DES. Versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7 already do so. In the version of OpenSSL shipped with Red Hat Enterprise Linux 5, 3DES is listed below the AES-256 cipher and above the AES-128 cipher, therefore AES-256 based ciphersuite should not be disabled on the server.\n2. Servers using OpenSSL, should not disable AES-128 and AES-256 ciphersuites. Versions of Apache shipped with Red Hat Enterprise Linux use the default cipher string, in which AES is preferred over DES/3DES based ciphersuites.\n\nFor JBoss Middleware, and Java mitigations, please review this knowledge base article:\n\nhttps://access.redhat.com/articles/2598471\n\nThis can be mitigated on OpenShift Container Platform (OCP) by disabling the vulnerable TLS cipher suite in the applicable component. TLS configuration options for OCP are described here:\n\nhttps://access.redhat.com/articles/5348961", "product_ids": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2017-9788", "cwe": { "id": "CWE-456", "name": "Missing Initialization of a Variable" }, "discovery_date": "2017-07-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1470748" } ], "notes": [ { "category": "description", "text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: Uninitialized memory reflection in mod_auth_digest", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-9788" }, { "category": "external", "summary": "RHBZ#1470748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788", "url": "https://www.cve.org/CVERecord?id=CVE-2017-9788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34", "url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27" } ], "release_date": "2017-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "category": "workaround", "details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-122.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-122.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.0.2h-14.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.0.2h-14.jbcs.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "httpd: Uninitialized memory reflection in mod_auth_digest" } ] }
icsma-18-058-02
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Phillips", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to sensitive information, perform man-in-the-middle attacks, create denial of service conditions, or execute arbitrary code.", "title": "Risk evaluation" }, { "category": "other", "text": "Healthcare and Public Health", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "Do not click web links or open attachments in unsolicited email messages.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSMA-18-058-02 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsma-18-058-02.json" }, { "category": "self", "summary": "ICSA Advisory ICSMA-18-058-02 - Web Version", "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-058-02" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Philips Intellispace Portal ISP Vulnerabilities", "tracking": { "current_release_date": "2018-02-27T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSMA-18-058-02", "initial_release_date": "2018-02-27T00:00:00.000000Z", "revision_history": [ { "date": "2018-02-27T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSMA-18-058-02 Philips Intellispace Portal ISP Vulnerabilities" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "IntelliSpace Portal 8.0.x: *", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "IntelliSpace Portal 8.0.x" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "IntelliSpace Portal 7.0.x: *", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "IntelliSpace Portal 7.0.x" } ], "category": "vendor", "name": "Phillips" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-5474", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5474" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0143", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0143" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0144", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0144" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0145", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0145" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0146", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0146" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0148", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0148" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0272", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka \"Windows SMB Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0277, CVE-2017-0278, and CVE-2017-0279.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0272" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0277", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka \"Windows SMB Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0272, CVE-2017-0278, and CVE-2017-0279.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0277" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0278", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka \"Windows SMB Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0272, CVE-2017-0277, and CVE-2017-0279.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0278" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0279", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka \"Windows SMB Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0272, CVE-2017-0277, and CVE-2017-0278.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0279" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0269", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka \"Windows SMB Denial of Service Vulnerability\". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0269" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0273", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka \"Windows SMB Denial of Service Vulnerability\". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0273" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0280", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka \"Windows SMB Denial of Service Vulnerability\". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0273.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0280" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0147", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka \"Windows SMB Information Disclosure Vulnerability.\"", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0147" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0267", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0267" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0268", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0267, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0268" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0270", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0270" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0271", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0271" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0274", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0275, and CVE-2017-0276.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0274" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0275", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, and CVE-2017-0276.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0275" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0276", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0267, CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, and CVE-2017-0275.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0276" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5472", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5472" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5468", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote desktop access vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5468" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2017-0199", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API.\"", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0199" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2005-1794", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1794" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5470", "cwe": { "id": "CWE-428", "name": "Unquoted Search Path or Element" }, "notes": [ { "category": "summary", "text": "An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5470" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5454", "cwe": { "id": "CWE-489", "name": "Active Debug Code" }, "notes": [ { "category": "summary", "text": "The ISP has a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5454" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5458", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote desktop access vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5458" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5462", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5462" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5464", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5464" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2018-5466", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5466" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2011-3389", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2004-2761", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2761" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2014-3566", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 3.4, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] }, { "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Philips\u0027 evaluation of Operating System security patches is ongoing, and after appropriate testing, the patches and mitigating controls are posted on Philips\u0027 InCenter. ISP users are recommended to obtain available mitigating controls by accessing their InCenter account at this location: http://incenter.medical.philips.com", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "http://incenter.medical.philips.com" }, { "category": "mitigation", "details": "Users with questions regarding their specific ISP installations are advised by Philips to contact their local Philips service support team or their regional service support.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Philips\u0027 contact information is available at the following location: https://www.usa.philips.com/healthcare/solutions/customer-service-solutions", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.usa.philips.com/healthcare/solutions/customer-service-solutions" }, { "category": "mitigation", "details": "Please see the Philips product security website for the latest security information for Philips products: https://www.philips.com/productsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002" ], "url": "https://www.philips.com/productsecurity" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002" ] } ] } ] }
icsa-22-349-21
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow a denial-of-service condition or could lead to execution of arbitrary code.", "title": "Risk evaluation" }, { "category": "other", "text": " Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": " Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": " Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability these vulnerabilities. Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "other", "text": "These vulnerabilities are exploitable remotely. These vulnerabilities have a low attack complexity.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "external", "summary": "SSA-412672: Multiple OpenSSL and OpenSSH Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-412672.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-349-21 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-349-21.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-349-21 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-21" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "SSA-412672: Multiple OpenSSL and OpenSSH Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7 - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "category": "external", "summary": "SSA-412672: Multiple OpenSSL and OpenSSH Vulnerabilities in SCALANCE X-200RNA Switch Devices before V3.2.7 - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-412672.txt" } ], "title": "Siemens SCALANCE X-200RNA Switch Devices", "tracking": { "current_release_date": "2022-12-15T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-349-21", "initial_release_date": "2022-12-15T00:00:00.000000Z", "revision_history": [ { "date": "2022-12-15T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Publication Date" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c V3.2.7", "product": { "name": "SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)", "product_id": "CSAFPID-0001", "product_identification_helper": { "model_numbers": [ "6GK5204-0BA00-2MB2" ] } } } ], "category": "product_name", "name": "SCALANCE X204RNA (HSR) (6GK5204-0BA00-2MB2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V3.2.7", "product": { "name": "SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)", "product_id": "CSAFPID-0002", "product_identification_helper": { "model_numbers": [ "6GK5204-0BA00-2KB2" ] } } } ], "category": "product_name", "name": "SCALANCE X204RNA (PRP) (6GK5204-0BA00-2KB2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V3.2.7", "product": { "name": "SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)", "product_id": "CSAFPID-0003", "product_identification_helper": { "model_numbers": [ "6GK5204-0BS00-2NA3" ] } } } ], "category": "product_name", "name": "SCALANCE X204RNA EEC (HSR) (6GK5204-0BS00-2NA3)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V3.2.7", "product": { "name": "SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)", "product_id": "CSAFPID-0004", "product_identification_helper": { "model_numbers": [ "6GK5204-0BS00-3LA3" ] } } } ], "category": "product_name", "name": "SCALANCE X204RNA EEC (PRP) (6GK5204-0BS00-3LA3)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V3.2.7", "product": { "name": "SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)", "product_id": "CSAFPID-0005", "product_identification_helper": { "model_numbers": [ "6GK5204-0BS00-3PA3" ] } } } ], "category": "product_name", "name": "SCALANCE X204RNA EEC (PRP/HSR) (6GK5204-0BS00-3PA3)" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2003-0190", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "notes": [ { "category": "summary", "text": "OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2003-0190" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2003-0190" }, { "cve": "CVE-2003-1562", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2003-1562" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2003-1562" }, { "cve": "CVE-2014-8176", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8176" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2014-8176" }, { "cve": "CVE-2015-0207", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the state information of independent data streams, which allows remote attackers to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DTLS 1.0 traffic to a DTLS 1.2 server.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0207" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0207" }, { "cve": "CVE-2015-0208", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0208" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0208" }, { "cve": "CVE-2015-0209", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0209" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0209" }, { "cve": "CVE-2015-0285", "cwe": { "id": "CWE-335", "name": "Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)" }, "notes": [ { "category": "summary", "text": "The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0285" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0285" }, { "cve": "CVE-2015-0286", "cwe": { "id": "CWE-1024", "name": "Comparison of Incompatible Types" }, "notes": [ { "category": "summary", "text": "The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0286" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0286" }, { "cve": "CVE-2015-0287", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0287" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0287" }, { "cve": "CVE-2015-0288", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0288" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0288" }, { "cve": "CVE-2015-0289", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0289" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0289" }, { "cve": "CVE-2015-0290", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service (pointer corruption and application crash) via unspecified vectors.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0290" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0290" }, { "cve": "CVE-2015-0291", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0291" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0291" }, { "cve": "CVE-2015-0292", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0292" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0292" }, { "cve": "CVE-2015-0293", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0293" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-0293" }, { "cve": "CVE-2015-1787", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1787" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-1787" }, { "cve": "CVE-2015-1788", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1788" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-1788" }, { "cve": "CVE-2015-1789", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1789" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-1789" }, { "cve": "CVE-2015-1790", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1790" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-1790" }, { "cve": "CVE-2015-1791", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1791" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-1791" }, { "cve": "CVE-2015-1792", "cwe": { "id": "CWE-690", "name": "Unchecked Return Value to NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1792" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-1792" }, { "cve": "CVE-2015-1794", "cwe": { "id": "CWE-682", "name": "Incorrect Calculation" }, "notes": [ { "category": "summary", "text": "The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1794" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-1794" }, { "cve": "CVE-2015-3193", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3193" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-3193" }, { "cve": "CVE-2015-3194", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3194" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-3194" }, { "cve": "CVE-2015-3195", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3195" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-3195" }, { "cve": "CVE-2015-3196", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3196" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-3196" }, { "cve": "CVE-2015-3197", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3197" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-3197" }, { "cve": "CVE-2015-4000", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4000" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-4000" }, { "cve": "CVE-2015-5352", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "notes": [ { "category": "summary", "text": "The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5352" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-5352" }, { "cve": "CVE-2015-5600", "cwe": { "id": "CWE-799", "name": "Improper Control of Interaction Frequency" }, "notes": [ { "category": "summary", "text": "The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5600" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-5600" }, { "cve": "CVE-2015-6563", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6563" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 2.9, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-6563" }, { "cve": "CVE-2015-6564", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6564" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-6564" }, { "cve": "CVE-2015-6565", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "summary", "text": "sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6565" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-6565" }, { "cve": "CVE-2015-8325", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "notes": [ { "category": "summary", "text": "The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8325" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2015-8325" }, { "cve": "CVE-2016-0701", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0701" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0701" }, { "cve": "CVE-2016-0702", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a \"CacheBleed\" attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0702" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0702" }, { "cve": "CVE-2016-0703", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher, which allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0703" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0703" }, { "cve": "CVE-2016-0704", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0704" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0704" }, { "cve": "CVE-2016-0705", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0705" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0705" }, { "cve": "CVE-2016-0777", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0777" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0777" }, { "cve": "CVE-2016-0778", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0778" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0778" }, { "cve": "CVE-2016-0797", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2) BN_hex2bn function, related to crypto/bn/bn.h and crypto/bn/bn_print.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0797" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0797" }, { "cve": "CVE-2016-0798", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and crypto/srp/srp_vfy.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0798" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0798" }, { "cve": "CVE-2016-0799", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-2842.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0799" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0799" }, { "cve": "CVE-2016-0800", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A cross-protocol attack was discovered that could allow an attacker to decrypt intercepted TLS sessions by using a server supporting SSLv2 as a Bleichenbacher RSA padding oracle.\nIn order to exploit the vulnerability, the attacker must have network access to the affected devices and must be in a privileged network position.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0800" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-0800" }, { "cve": "CVE-2016-1907", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1907" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-1907" }, { "cve": "CVE-2016-1908", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1908" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-1908" }, { "cve": "CVE-2016-2105", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2105" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2105" }, { "cve": "CVE-2016-2106", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2106" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2106" }, { "cve": "CVE-2016-2107", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2107" }, { "cve": "CVE-2016-2108", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the \"negative zero\" issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2108" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2108" }, { "cve": "CVE-2016-2109", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2109" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2109" }, { "cve": "CVE-2016-2176", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2176" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2176" }, { "cve": "CVE-2016-2177", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2177" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2177" }, { "cve": "CVE-2016-2178", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "summary", "text": "The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2178" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2178" }, { "cve": "CVE-2016-2179", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2179" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2179" }, { "cve": "CVE-2016-2180", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the \"openssl ts\" command.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2180" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2180" }, { "cve": "CVE-2016-2181", "cwe": { "id": "CWE-682", "name": "Incorrect Calculation" }, "notes": [ { "category": "summary", "text": "The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2181" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2181" }, { "cve": "CVE-2016-2182", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2182" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2182" }, { "cve": "CVE-2016-2183", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-2183" }, { "cve": "CVE-2016-6210", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6210" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6210" }, { "cve": "CVE-2016-6302", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6302" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6302" }, { "cve": "CVE-2016-6303", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6303" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6303" }, { "cve": "CVE-2016-6304", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6304" }, { "cve": "CVE-2016-6305", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6305" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6305" }, { "cve": "CVE-2016-6306", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6306" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6306" }, { "cve": "CVE-2016-6307", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "summary", "text": "The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem/statem.c and statem/statem_lib.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6307" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6307" }, { "cve": "CVE-2016-6308", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "summary", "text": "statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6308" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6308" }, { "cve": "CVE-2016-6515", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6515" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-6515" }, { "cve": "CVE-2016-8858", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "summary", "text": "** DISPUTED ** The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that \"OpenSSH upstream does not consider this as a security issue.\"", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-8858" }, { "cve": "CVE-2016-10009", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "notes": [ { "category": "summary", "text": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10009" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-10009" }, { "cve": "CVE-2016-10010", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "summary", "text": "sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10010" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-10010" }, { "cve": "CVE-2016-10011", "cwe": { "id": "CWE-244", "name": "Improper Clearing of Heap Memory Before Release (\u0027Heap Inspection\u0027)" }, "notes": [ { "category": "summary", "text": "authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10011" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-10011" }, { "cve": "CVE-2016-10012", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10012" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2016-10012" }, { "cve": "CVE-2017-3735", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3735" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2017-3735" }, { "cve": "CVE-2017-15906", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15906" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2017-15906" }, { "cve": "CVE-2018-15473", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15473" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2018-15473" }, { "cve": "CVE-2018-20685", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20685" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2018-20685" }, { "cve": "CVE-2019-1552", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be \u0027/usr/local\u0027. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of \u0027C:/usr/local\u0027, which may be world writable, which enables untrusted users to modify OpenSSL\u0027s default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, \u0027/usr/local/ssl\u0027 is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1552" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2019-1552" }, { "cve": "CVE-2019-6109", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "summary", "text": "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6109" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2019-6109" }, { "cve": "CVE-2019-6110", "cwe": { "id": "CWE-838", "name": "Inappropriate Encoding for Output Context" }, "notes": [ { "category": "summary", "text": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6110" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2019-6110" }, { "cve": "CVE-2019-6111", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "notes": [ { "category": "summary", "text": "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "references": [ { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6111" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2019-6111" }, { "cve": "CVE-2019-16905", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, "remediations": [ { "category": "mitigation", "details": "Restrict access to the affected systems, especially to ports 22/tcp and 443/tcp to trusted IP addresses only", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "mitigation", "details": "Deactivate the webserver if not required, and if deactivation is supported by the product", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Update to V3.2.7 or later version", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005" ] } ], "title": "CVE-2019-16905" } ] }
icsa-21-075-02
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "SCADA-X", "summary": "reporting these vulnerabilities to GE" }, { "organization": "DOE \u0027s Cyber Testing for Resilient Industrial Control Systems (CyTRICS) program", "summary": "reporting these vulnerabilities to GE" }, { "organization": "Verve Industrial", "summary": "reporting these vulnerabilities to GE" }, { "organization": "VuMetric", "summary": "reporting these vulnerabilities to GE" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition.", "title": "Risk evaluation" }, { "category": "other", "text": "Communications, Critical Manufacturing, Energy, Healthcare and Public Health, Transportation Systems, Water and Wastewater Systems", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "other", "text": "No known public exploits specifically target these vulnerabilities.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-21-075-02 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-075-02.json" }, { "category": "self", "summary": "ICS Advisory ICSA-21-075-02 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-075-02" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B" } ], "title": "GE UR family", "tracking": { "current_release_date": "2021-03-16T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-21-075-02", "initial_release_date": "2021-03-16T00:00:00.000000Z", "revision_history": [ { "date": "2021-03-16T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-21-075-02 GE UR family" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1x", "product": { "name": "Protection from unintended firmware upload: all versions prior to 8.1x with basic security option", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "Protection from unintended firmware upload" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 7.4x | \u003c= 8.0x", "product": { "name": "Vulnerabilities related to SSH Support: firmware versions 7.4x to 8.0x (CyberSentry option)", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "Vulnerabilities related to SSH Support" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1x", "product": { "name": "Provisions to disable Factory Mode: all versions prior to 8.1x with basic security option", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "Provisions to disable Factory Mode" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1x", "product": { "name": "Web server vulnerabilities: all versions prior to version 8.1x", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "Web server vulnerabilities" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1x", "product": { "name": "Access to Last-key pressed register: all versions prior to 8.1x with basic security option", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "Access to Last-key pressed register" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 7.03 /7.04", "product": { "name": "Weakness in UR bootloader binary: all bootloader versions prior to 7.03/7.04", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "Weakness in UR bootloader binary" } ], "category": "vendor", "name": "General Electric (GE)" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-2183", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "Prior to UR firmware Version 8.1x, UR supported various encryption and MAC algorithms for SSH communication, some of which are weak.CVE-2016-2183 and CVE-2013-2566 have been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183" }, { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-1999-1085", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "notes": [ { "category": "summary", "text": "Prior to firmware Version 7.4x, UR supported only SSHv2. Starting from firmware Version 7.4x, UR added support to SSHv1. SSHv1 has known vulnerabilities (SSH protocol session key retrieval and insertion attack).CVE-1999-1085 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1085" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-2021-27422", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "Web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication.CVE-2021-27422 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27422" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-2021-27418", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "UR supports web interface with read-only access. The device fails to properly validate user input, making it possible to perform cross-site scripting attacks, which may be used to send a malicious script. Also, UR Firmware web server does not perform HTML encoding of user-supplied strings.CVE-2021-27418 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27418" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-2021-27420", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "UR Firmware web server task does not properly handle receipt of unsupported HTTP verbs, resulting in the web server becoming temporarily unresponsive after receiving a series of unsupported HTTP requests. When unresponsive, the web server is inaccessible. By itself, this is not particularly significant as the relay remains effective in all other functionality and communication channels.CVE-2021-27420 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27420" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-2021-27428", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "notes": [ { "category": "summary", "text": "UR IED supports upgrading firmware using UR Setup configuration tool - Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without appropriate privileges. The weakness is assessed, and mitigation is implemented in firmware Version 8.10.CVE-2021-27428 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27428" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-2021-27426", "cwe": { "id": "CWE-453", "name": "Insecure Default Variable Initialization" }, "notes": [ { "category": "summary", "text": "UR IED with Basic security variant does not allow the disabling of the Factory Mode, which is used for servicing the IED by a Factory user.CVE-2021-27426 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27426" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-2021-27424", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "UR shares MODBUS memory map as part of the communications guide. GE was made aware a Last-key pressed MODBUS register can be used to gain unauthorized information.CVE-2021-27424 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27424" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] }, { "cve": "CVE-2021-27430", "cwe": { "id": "CWE-798", "name": "Use of Hard-coded Credentials" }, "notes": [ { "category": "summary", "text": "UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials. Additionally, a user with physical access to the UR IED can interrupt the boot sequence by rebooting the UR.CVE-2021-27430 has been assigned to this vulnerability. A CVSS v3 base score of 8.4 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27430" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ], "url": "https://www.gegridsolutions.com/Passport/Login.aspx" }, { "category": "mitigation", "details": "GE recommends protecting UR IED by using network defense-in-depth practices. This includes, but is not limited to, placing UR IED inside the control system network security perimeter, and having access controls, monitoring (such as an Intrusion Detection System), and other mitigating technologies in place.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "mitigation", "details": "GE recommends users refer to the UR Deployment guide for secure configuration of UR IED and system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] } ] }
icsa-22-160-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Mitsubishi Electric", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to disclose or tamper data in communication between the air conditioning system and the external computers or cause a denial-of-service condition.", "title": "Risk evaluation" }, { "category": "other", "text": "Commercial Facilities", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Japan", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/icsSeveral recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/icsin the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "other", "text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities have a high attack complexity.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-22-160-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-160-01.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-160-01 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-160-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-160-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" } ], "title": "Mitsubishi Electric Air Conditioning Systems", "tracking": { "current_release_date": "2022-06-09T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-160-01", "initial_release_date": "2022-06-09T00:00:00.000000Z", "revision_history": [ { "date": "2022-06-09T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-22-160-01 Mitsubishi Electric Air Conditioning Systems" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "AE-200A: Versions 7.97 and prior", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "AE-200A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "AE-200E: Versions 7.97 and prior", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "AE-200E" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "AE-200J: Versions 7.97 and prior", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "AE-200J" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "AE-50A: Versions 7.97 and prior", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "AE-50A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "AE-50E: Versions 7.97 and prior", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "AE-50E" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "AE-50J: Versions 7.97 and prior", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "AE-50J" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 3.21", "product": { "name": "AG-150A-A: Versions 3.21 and prior", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "AG-150A-A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 3.21", "product": { "name": "AG-150A-J: Versions 3.21 and prior", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "AG-150A-J" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.10", "product": { "name": "EB-50GU-A: Versions. 7.10 and prior", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "EB-50GU-A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.10", "product": { "name": "EB-50GU-J: Versions 7.10 and prior", "product_id": "CSAFPID-00010" } } ], "category": "product_name", "name": "EB-50GU-J" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "EW-50A: Versions 7.97 and prior", "product_id": "CSAFPID-00011" } } ], "category": "product_name", "name": "EW-50A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "EW-50E: Versions 7.97 and prior", "product_id": "CSAFPID-00012" } } ], "category": "product_name", "name": "EW-50E" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "EW-50J: Versions 7.97 and prior", "product_id": "CSAFPID-00013" } } ], "category": "product_name", "name": "EW-50J" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 3.21", "product": { "name": "G-150AD: Versions 3.21 and prior", "product_id": "CSAFPID-00014" } } ], "category": "product_name", "name": "G-150AD" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 3.21", "product": { "name": "GB-50AD: Versions 3.21 and prior", "product_id": "CSAFPID-00015" } } ], "category": "product_name", "name": "GB-50AD" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 3.21", "product": { "name": "GB-50ADA-A: Versions 3.21 and prior", "product_id": "CSAFPID-00016" } } ], "category": "product_name", "name": "GB-50ADA-A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 3.21", "product": { "name": "GB-50ADA-J: Versions 3.21 and prior", "product_id": "CSAFPID-00017" } } ], "category": "product_name", "name": "GB-50ADA-J" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "TE-200A: Versions 7.97 and prior", "product_id": "CSAFPID-00018" } } ], "category": "product_name", "name": "TE-200A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "TE-50A: Versions 7.97 and prior", "product_id": "CSAFPID-00019" } } ], "category": "product_name", "name": "TE-50A" }, { "branches": [ { "category": "product_version_range", "name": "\u003c= 7.97", "product": { "name": "TW-50A: Versions 7.97 and prior", "product_id": "CSAFPID-00020" } } ], "category": "product_name", "name": "TW-50A" } ], "category": "vendor", "name": "Mitsubishi Electric" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24296", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "Use of a broken or risky cryptographic algorithm allows a remote unauthenticated attacker to cause a disclosure of an encrypted message from the air conditioning systems by sniffing encrypted communications.CVE-2022-24296 has been assigned to this vulnerability. A CVSS v3 base score of 3.1 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24296" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "G-150AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-A: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-J: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "vendor_fix", "details": "TW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "To minimize the risk of these vulnerabilities being exploited, please make sure air conditioning systems are properly configured as recommended by Mitsubishi Electric. Mitsubishi Electric recommends taking the following mitigation measures:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Restrict the access to air conditioning systems from untrusted networks and hosts.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Use an anti-virus software and update the OS and the web browser to the latest version on your computer to connect your air conditioning system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "See Mitsubishi Electric\u0027s security bulletin for more information.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] } ] }, { "cve": "CVE-2016-2183", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately 4 billion blocks. This which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode (a.k.a. a Sweet32 attack).CVE-2016-2183 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "G-150AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-A: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-J: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "vendor_fix", "details": "TW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "To minimize the risk of these vulnerabilities being exploited, please make sure air conditioning systems are properly configured as recommended by Mitsubishi Electric. Mitsubishi Electric recommends taking the following mitigation measures:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Restrict the access to air conditioning systems from untrusted networks and hosts.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Use an anti-virus software and update the OS and the web browser to the latest version on your computer to connect your air conditioning system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "See Mitsubishi Electric\u0027s security bulletin for more information.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] } ] }, { "cve": "CVE-2013-2566", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases that make it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions using the same plaintext.CVE-2013-2566 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "G-150AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-A: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-J: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "vendor_fix", "details": "TW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "To minimize the risk of these vulnerabilities being exploited, please make sure air conditioning systems are properly configured as recommended by Mitsubishi Electric. Mitsubishi Electric recommends taking the following mitigation measures:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Restrict the access to air conditioning systems from untrusted networks and hosts.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Use an anti-virus software and update the OS and the web browser to the latest version on your computer to connect your air conditioning system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "See Mitsubishi Electric\u0027s security bulletin for more information.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] } ] }, { "cve": "CVE-2015-2808", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "notes": [ { "category": "summary", "text": "This vulnerability makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that relies on keys affected by the Invariance Weakness. An attacker can then use a brute-force approach involving LSB values (a.k.a. the Bar Mitzvah issue).CVE-2015-2808 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2808" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "G-150AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-A: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-J: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "vendor_fix", "details": "TW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "To minimize the risk of these vulnerabilities being exploited, please make sure air conditioning systems are properly configured as recommended by Mitsubishi Electric. Mitsubishi Electric recommends taking the following mitigation measures:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Restrict the access to air conditioning systems from untrusted networks and hosts.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Use an anti-virus software and update the OS and the web browser to the latest version on your computer to connect your air conditioning system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "See Mitsubishi Electric\u0027s security bulletin for more information.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] } ] }, { "cve": "CVE-2009-3555", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "notes": [ { "category": "summary", "text": "The TLS protocol and the SSL Protocol 3.0 and earlier do not properly associate renegotiation handshakes with an existing connection in some third-party products. This allows machine-in-the-middle attackers to insert data into sessions protected by TLS or SSL by sending an unauthenticated request processed retroactively by a server in a post-renegotiation context.CVE-2009-3555 has been assigned to this vulnerability. A CVSS v3 base score of 7.4 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "G-150AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AG-150A-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50AD: Replace the air conditioning systems to AE-200J, AE-50J or EW-50J Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-A: Replace the air conditioning systems to AE-200A, AE-50A or EW-50A Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "GB-50ADA-J: Replace the air conditioning systems to AE-200E, AE-50E or EW-50E Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-A: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EB-50GU-J: Update to Version 7.11 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-200E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "AE-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50J: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "EW-50E: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-200A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "TE-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "vendor_fix", "details": "TW-50A: Update to Version 7.98 or later", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "To minimize the risk of these vulnerabilities being exploited, please make sure air conditioning systems are properly configured as recommended by Mitsubishi Electric. Mitsubishi Electric recommends taking the following mitigation measures:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Restrict the access to air conditioning systems from untrusted networks and hosts.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "Use an anti-virus software and update the OS and the web browser to the latest version on your computer to connect your air conditioning system.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] }, { "category": "mitigation", "details": "See Mitsubishi Electric\u0027s security bulletin for more information.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf" } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020" ] } ] } ] }
wid-sec-w-2024-0064
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nBei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren. \r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und seine Berechtigungen zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- BIOS/Firmware\n- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0064 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0064.json" }, { "category": "self", "summary": "WID-SEC-2024-0064 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0064" }, { "category": "external", "summary": "Juniper Security Advisory JSA11272 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA11272" }, { "category": "external", "summary": "Juniper Security Advisory JSA75233 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75233" }, { "category": "external", "summary": "Juniper Security Advisory JSA75721 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75721" }, { "category": "external", "summary": "Juniper Security Advisory JSA75723 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75723" }, { "category": "external", "summary": "Juniper Security Advisory JSA75725 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75725" }, { "category": "external", "summary": "Juniper Security Advisory JSA75727 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75727" }, { "category": "external", "summary": "Juniper Security Advisory JSA75729 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75729" }, { "category": "external", "summary": "Juniper Security Advisory JSA75730 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75730" }, { "category": "external", "summary": "Juniper Security Advisory JSA75733 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75733" }, { "category": "external", "summary": "Juniper Security Advisory JSA75734 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75734" }, { "category": "external", "summary": "Juniper Security Advisory JSA75735 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75735" }, { "category": "external", "summary": "Juniper Security Advisory JSA75736 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75736" }, { "category": "external", "summary": "Juniper Security Advisory JSA75737 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75737" }, { "category": "external", "summary": "Juniper Security Advisory JSA75738 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75738" }, { "category": "external", "summary": "Juniper Security Advisory JSA75740 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75740" }, { "category": "external", "summary": "Juniper Security Advisory JSA75741 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75741" }, { "category": "external", "summary": "Juniper Security Advisory JSA75742 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75742" }, { "category": "external", "summary": "Juniper Security Advisory JSA75743 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75743" }, { "category": "external", "summary": "Juniper Security Advisory JSA75744 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75744" }, { "category": "external", "summary": "Juniper Security Advisory JSA75745 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75745" }, { "category": "external", "summary": "Juniper Security Advisory JSA75747 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75747" }, { "category": "external", "summary": "Juniper Security Advisory JSA75748 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75748" }, { "category": "external", "summary": "Juniper Security Advisory JSA75752 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75752" }, { "category": "external", "summary": "Juniper Security Advisory JSA75753 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75753" }, { "category": "external", "summary": "Juniper Security Advisory JSA75754 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75754" }, { "category": "external", "summary": "Juniper Security Advisory JSA75755 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75755" }, { "category": "external", "summary": "Juniper Security Advisory JSA75757 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75757" }, { "category": "external", "summary": "Juniper Security Advisory JSA75758 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75758" } ], "source_lang": "en-US", "title": "Juniper Produkte: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-01-10T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:56:09.941+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0064", "initial_release_date": "2024-01-10T23:00:00.000+00:00", "revision_history": [ { "date": "2024-01-10T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper EX Series", "product": { "name": "Juniper EX Series", "product_id": "T019811", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:-" } } }, { "category": "product_name", "name": "Juniper EX Series 4600", "product": { "name": "Juniper EX Series 4600", "product_id": "T021598", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex4600" } } }, { "category": "product_name", "name": "Juniper EX Series 4100", "product": { "name": "Juniper EX Series 4100", "product_id": "T030475", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4100" } } }, { "category": "product_name", "name": "Juniper EX Series 4400", "product": { "name": "Juniper EX Series 4400", "product_id": "T030476", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4400" } } }, { "category": "product_name", "name": "Juniper EX Series EX9200", "product": { "name": "Juniper EX Series EX9200", "product_id": "T031997", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex9200" } } } ], "category": "product_name", "name": "EX Series" }, { "branches": [ { "category": "product_name", "name": "Juniper JUNOS Evolved", "product": { "name": "Juniper JUNOS Evolved", "product_id": "T018886", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:evolved" } } }, { "category": "product_name", "name": "Juniper JUNOS PTX Series", "product": { "name": "Juniper JUNOS PTX Series", "product_id": "T023853", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:ptx_series" } } }, { "category": "product_name", "name": "Juniper JUNOS", "product": { "name": "Juniper JUNOS", "product_id": "T030471", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:-" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7024", "product": { "name": "Juniper JUNOS ACX7024", "product_id": "T031994", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7024" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-32C", "product": { "name": "Juniper JUNOS ACX7100-32C", "product_id": "T031995", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-32c" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-48L", "product": { "name": "Juniper JUNOS ACX7100-48L", "product_id": "T031996", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-48l" } } } ], "category": "product_name", "name": "JUNOS" }, { "category": "product_name", "name": "Juniper MX Series", "product": { "name": "Juniper MX Series", "product_id": "918766", "product_identification_helper": { "cpe": "cpe:/h:juniper:mx:-" } } }, { "category": "product_name", "name": "Juniper QFX Series 5000", "product": { "name": "Juniper QFX Series 5000", "product_id": "T021597", "product_identification_helper": { "cpe": "cpe:/h:juniper:qfx:qfx5000" } } }, { "category": "product_name", "name": "Juniper SRX Series", "product": { "name": "Juniper SRX Series", "product_id": "T021593", "product_identification_helper": { "cpe": "cpe:/h:juniper:srx_service_gateways:-" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-2964", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2964" }, { "cve": "CVE-2022-2873", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2873" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-2663", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2663" }, { "cve": "CVE-2022-25265", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-25265" }, { "cve": "CVE-2022-23307", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23307" }, { "cve": "CVE-2022-23305", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23305" }, { "cve": "CVE-2022-23302", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23302" }, { "cve": "CVE-2022-22942", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-22942" }, { "cve": "CVE-2022-2196", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2196" }, { "cve": "CVE-2022-21699", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-21699" }, { "cve": "CVE-2022-20141", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-20141" }, { "cve": "CVE-2022-1789", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1789" }, { "cve": "CVE-2022-1679", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1679" }, { "cve": "CVE-2022-1462", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1462" }, { "cve": "CVE-2022-0934", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-0934" }, { "cve": "CVE-2022-0330", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-0330" }, { "cve": "CVE-2021-44832", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44832" }, { "cve": "CVE-2021-44790", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44790" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-4155", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-4155" }, { "cve": "CVE-2021-39275", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-39275" }, { "cve": "CVE-2021-3752", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3752" }, { "cve": "CVE-2021-3621", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3621" }, { "cve": "CVE-2021-3573", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3573" }, { "cve": "CVE-2021-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3564" }, { "cve": "CVE-2021-34798", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-34798" }, { "cve": "CVE-2021-33656", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-33656" }, { "cve": "CVE-2021-33655", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-33655" }, { "cve": "CVE-2021-26691", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-26691" }, { "cve": "CVE-2021-26341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-26341" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-25220" }, { "cve": "CVE-2021-0920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-0920" }, { "cve": "CVE-2020-9493", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-9493" }, { "cve": "CVE-2020-12321", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-12321" }, { "cve": "CVE-2020-0466", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-0466" }, { "cve": "CVE-2020-0465", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-0465" }, { "cve": "CVE-2019-17571", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2019-17571" }, { "cve": "CVE-2016-2183", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2016-2183" }, { "cve": "CVE-2024-21617", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21617" }, { "cve": "CVE-2024-21616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21616" }, { "cve": "CVE-2024-21614", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21614" }, { "cve": "CVE-2024-21613", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21613" }, { "cve": "CVE-2024-21612", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21612" }, { "cve": "CVE-2024-21611", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21611" }, { "cve": "CVE-2024-21607", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21607" }, { "cve": "CVE-2024-21606", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21606" }, { "cve": "CVE-2024-21604", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21604" }, { "cve": "CVE-2024-21603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21603" }, { "cve": "CVE-2024-21602", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21602" }, { "cve": "CVE-2024-21601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21601" }, { "cve": "CVE-2024-21600", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21600" }, { "cve": "CVE-2024-21599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21599" }, { "cve": "CVE-2024-21597", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21597" }, { "cve": "CVE-2024-21596", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21596" }, { "cve": "CVE-2024-21595", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21595" }, { "cve": "CVE-2024-21594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21594" }, { "cve": "CVE-2024-21591", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21591" }, { "cve": "CVE-2024-21589", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21589" }, { "cve": "CVE-2024-21587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21587" }, { "cve": "CVE-2024-21585", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21585" }, { "cve": "CVE-2023-38802", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-38802" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-3817", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3817" }, { "cve": "CVE-2023-36842", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-36842" }, { "cve": "CVE-2023-3446", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3446" }, { "cve": "CVE-2023-3341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3341" }, { "cve": "CVE-2023-32360", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-32360" }, { "cve": "CVE-2023-32067", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-32067" }, { "cve": "CVE-2023-2828", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2828" }, { "cve": "CVE-2023-2650", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2650" }, { "cve": "CVE-2023-26464", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-26464" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-23920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23920" }, { "cve": "CVE-2023-23918", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23918" }, { "cve": "CVE-2023-23454", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23454" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-2235", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2235" }, { "cve": "CVE-2023-22081", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22081" }, { "cve": "CVE-2023-22049", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22049" }, { "cve": "CVE-2023-22045", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22045" }, { "cve": "CVE-2023-21968", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21968" }, { "cve": "CVE-2023-21967", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21967" }, { "cve": "CVE-2023-21954", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21954" }, { "cve": "CVE-2023-2194", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2194" }, { "cve": "CVE-2023-21939", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21939" }, { "cve": "CVE-2023-21938", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21938" }, { "cve": "CVE-2023-21937", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21937" }, { "cve": "CVE-2023-21930", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21930" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21830" }, { "cve": "CVE-2023-2124", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2124" }, { "cve": "CVE-2023-20593", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-20593" }, { "cve": "CVE-2023-20569", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-20569" }, { "cve": "CVE-2023-1829", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1829" }, { "cve": "CVE-2023-1582", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1582" }, { "cve": "CVE-2023-1281", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1281" }, { "cve": "CVE-2023-1195", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1195" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0461", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0461" }, { "cve": "CVE-2023-0394", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0394" }, { "cve": "CVE-2023-0386", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0386" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0266", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0266" }, { "cve": "CVE-2022-47929", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-47929" }, { "cve": "CVE-2022-43945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-43945" }, { "cve": "CVE-2022-4378", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4378" }, { "cve": "CVE-2022-43750", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-43750" }, { "cve": "CVE-2022-42896", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42896" }, { "cve": "CVE-2022-42722", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42722" }, { "cve": "CVE-2022-42721", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42721" }, { "cve": "CVE-2022-42720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42720" }, { "cve": "CVE-2022-42703", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42703" }, { "cve": "CVE-2022-4269", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4269" }, { "cve": "CVE-2022-4254", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4254" }, { "cve": "CVE-2022-41974", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41974" }, { "cve": "CVE-2022-41674", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41674" }, { "cve": "CVE-2022-4139", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4139" }, { "cve": "CVE-2022-4129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4129" }, { "cve": "CVE-2022-41222", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41222" }, { "cve": "CVE-2022-41218", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41218" }, { "cve": "CVE-2022-39189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-39189" }, { "cve": "CVE-2022-39188", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-39188" }, { "cve": "CVE-2022-38023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-38023" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-3707", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3707" }, { "cve": "CVE-2022-3628", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3628" }, { "cve": "CVE-2022-3625", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3625" }, { "cve": "CVE-2022-3623", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3623" }, { "cve": "CVE-2022-3619", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3619" }, { "cve": "CVE-2022-3567", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3567" }, { "cve": "CVE-2022-3566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3566" }, { "cve": "CVE-2022-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3564" }, { "cve": "CVE-2022-3524", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3524" }, { "cve": "CVE-2022-3239", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3239" }, { "cve": "CVE-2022-30594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-30594" }, { "cve": "CVE-2022-3028", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3028" } ] }
wid-sec-w-2024-0209
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuf\u00fchren oder vertrauliche Informationen offenzulegen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- CISCO Appliance\n- Juniper Appliance\n- F5 Networks\n- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0209 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2024-0209.json" }, { "category": "self", "summary": "WID-SEC-2024-0209 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0209" }, { "category": "external", "summary": "OpenSSL Security Advisory vom 2016-09-22", "url": "https://www.openssl.org/news/secadv/20160922.txt" }, { "category": "external", "summary": "FreeBSD Security Advisory FREEBSD-SA-16:26.OPENSSL vom 2016-09-23", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3087-2 vom 2016-09-23", "url": "http://www.ubuntu.com/usn/usn-3087-2/" }, { "category": "external", "summary": "SUSE Security Update Announcement ID SUSE-SU-2016:2387-1", "url": "https://www.suse.com/de-de/support/update/announcement/2016/suse-su-20162387-1.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2016:1940 vom 2016-09-27", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2394-1 vom 2016-09-27", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162394-1.html" }, { "category": "external", "summary": "CISCO Security Advisory CISCO-SA-20160927-OPENSSL vom 2016-09-27", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory\u0026vs_cat=Security%20Intelligence\u0026vs_type=RSS\u0026vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016\u0026vs_k=1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2458-1 vom 2016-10-05", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162458-1.html" }, { "category": "external", "summary": "Arista Security Advisory 0024 vom 2016-10-05", "url": "http://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "category": "external", "summary": "F5 Security Advisory sol13167034 vom 2016-10-05", "url": "https://support.f5.com/kb/en-us/solutions/public/k/13/sol13167034.html?ref=rss" }, { "category": "external", "summary": "Blue Coat Security Advisory sa13 vom 2016-10-06", "url": "https://kb.bluecoat.com/security-advisory/sa132" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2468-1 vom 2016-10-07", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162468-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2469-1 vom 2016-10-07", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162469-1.html" }, { "category": "external", "summary": "Juniper Security Bulletin JSA10759 vom 2016-10-14", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759\u0026cat=SIRT_1\u0026actp=LIST" }, { "category": "external", "summary": "Update des CISCO Security Advisory CISCO-SA-20160927-OPENSSL vom 2016-10-19", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory\u0026vs_cat=Security%20Intelligence\u0026vs_type=RSS\u0026vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016\u0026vs_k=1" }, { "category": "external", "summary": "F5 Security Advisory sol90492697 vom 2016-10-24", "url": "https://support.f5.com/kb/en-us/solutions/public/k/90/sol90492697.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2545-1 vom 2016-10-25", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162545-1.html" }, { "category": "external", "summary": "Tenable Advisory ID TNS-2016-16 vom 2016-10-25", "url": "http://www.tenable.com/security/tns-2016-16" }, { "category": "external", "summary": "F5 Security Advisory sol59298921 vom 2016-10-30", "url": "https://support.f5.com/kb/en-us/solutions/public/k/59/sol59298921.html?ref=rss" }, { "category": "external", "summary": "F5 Security Advisory SOL23512141 vom 2016-11-01", "url": "https://support.f5.com/kb/en-us/solutions/public/k/23/sol23512141.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2470-2 vom 2016-11-01", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162470-2.html" }, { "category": "external", "summary": "HPE SECURITY BULLETIN c05323116 vom 2016-11-01", "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05323116" }, { "category": "external", "summary": "F5 Security Advisory SOL01276005 vom 2016-11-04", "url": "https://support.f5.com/kb/en-us/solutions/public/k/01/sol01276005.html" }, { "category": "external", "summary": "F5 Security Advisory SOL02652550 vom 2016-11-14", "url": "https://support.f5.com/kb/en-us/solutions/public/k/02/sol02652550.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2016:2802 vom 2016-11-18", "url": "https://access.redhat.com/errata/RHSA-2016:2802" }, { "category": "external", "summary": "BLUECOAT Security Advisory SA135 vom 2016-12-01", "url": "https://bto.bluecoat.com/security-advisory/sa135" }, { "category": "external", "summary": "Xerox Mini Bulletin XRX16AF vom 2016-12-04", "url": "https://www.xerox.com/download/security/security-bulletin/1cf9a-54159c674d1b0/cert_Security_Mini-_Bulletin_XRX16AF_for_PH3635_v1-0.pdf" }, { "category": "external", "summary": "RedHat Security Advisory RHSA-2016-2957", "url": "https://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "category": "external", "summary": "BLUECOAT Security Advisory SA137 vom 2016-12-20", "url": "https://bto.bluecoat.com/security-advisory/sa137" }, { "category": "external", "summary": "BLUECOAT Security Advisory SA133 vom 2016-12-23", "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "category": "external", "summary": "Juniper Security Advisory JSA10774 vom 2017-01-12", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10774" }, { "category": "external", "summary": "Juniper Security Advisory JSA10770 vom 2017-01-12", "url": "http://www.auscert.org.au/render.html?it=42842" }, { "category": "external", "summary": "HP Security Bulletin c05369403", "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05369403" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:0193 vom 2017-01-26", "url": "https://access.redhat.com/errata/RHSA-2017:0193" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:0194 vom 2017-01-26", "url": "https://access.redhat.com/errata/RHSA-2017:0194" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3181-1 vom 2017-01-31", "url": "http://www.ubuntu.com/usn/usn-3181-1/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0460-1 vom 2017-02-14", "url": "https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:0462 vom 2017-03-08", "url": "https://access.redhat.com/errata/RHSA-2017:0462" }, { "category": "external", "summary": "Xerox Security Bulletin XRX17-006 vom 2017-03-08", "url": "https://www.xerox.com/download/security/security-bulletin/2efe6-54a395387fa39/cert_XRX17-006_FFPSv8_UpdateManager_Mar2017.pdf" }, { "category": "external", "summary": "Xerox Security Bulletin XRX17-005 vom 2017-03-08", "url": "https://www.xerox.com/download/security/security-bulletin/312e6-54a3954424112/cert_XRX17-005_FFPSv7_v9_UpdateManager_Mar2017.pdf" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0719-1 vom 2017-03-17", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170719-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0716-1 vom 2017-03-17", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170716-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0726-1 vom 2017-03-17", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170726-1.html" }, { "category": "external", "summary": "Fortinet Security Advisory FG-IR-16-048 vom 2017-04-06", "url": "http://fortiguard.com/psirt/FG-IR-16-048" }, { "category": "external", "summary": "NetApp Advisory Number NTAP-20160928-0001 vom 2017-04-06", "url": "https://kb.netapp.com/support/s/article/ka51A00000007QeQAI/NTAP-20160928-0001?language=en_US" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:1414 vom 2017-06-07", "url": "https://access.redhat.com/errata/RHSA-2017:1414" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:1413 vom 2017-06-07", "url": "https://access.redhat.com/errata/RHSA-2017:1413" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:1415 vom 2017-06-08", "url": "https://rhn.redhat.com/errata/RHSA-2017-1415.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:1658 vom 2017-06-29", "url": "https://access.redhat.com/errata/RHSA-2017:1658" }, { "category": "external", "summary": "HPE SECURITY BULLETIN hpesbgn03765en_us vom 2017-08-31", "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03765en_us" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:2710 vom 2017-09-13", "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:2709 vom 2017-09-13", "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:2708 vom 2017-09-13", "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "category": "external", "summary": "Xerox Mini Bulletin XRX17AD vom 2017-09-28", "url": "https://security.business.xerox.com/wp-content/uploads/2017/09/cert_Security_Mini-_Bulletin_XRX17AD_for_PH3635_v1.0.pdf" }, { "category": "external", "summary": "Xerox Mini Bulletin XRX17AE vom 2017-09-28", "url": "https://security.business.xerox.com/wp-content/uploads/2017/09/cert_Security_Mini-_Bulletin_XRX17AE_for_WC3325_v1.0.pdf" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:3114 vom 2017-11-02", "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:3113 vom 2017-11-02", "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "external", "summary": "F5 Security Advisory K53084033 vom 2017-11-06", "url": "https://support.f5.com/csp/article/K53084033" }, { "category": "external", "summary": "McAfee Security Bulletin:SB10215", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20160915-0001 vom 2018-01-30", "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2018:2123 vom 2018-07-03", "url": "http://rhn.redhat.com/errata/RHSA-2018-2123.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2018:2185 vom 2018-07-13", "url": "https://access.redhat.com/errata/RHSA-2018:2185" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2018:2123 vom 2018-07-13", "url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2018-2123-Moderate-CentOS-7-python-Security-Update-tp4645172.html" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20170119-0001 vom 2019-02-07", "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13", "url": "http://linux.oracle.com/errata/ELSA-2019-4581.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2019:1245 vom 2019-05-20", "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16", "url": "http://linux.oracle.com/errata/ELSA-2019-4747.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2019:2859 vom 2019-09-27", "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "category": "external", "summary": "EMC Security Advisory 542344 vom 2020-03-31", "url": "https://www.dell.com/support/security/de-de/details/542344/DSA-2020-072-Dell-EMC-VNX2-Family-Security-Update-for-Multiple-Third-Party-Component-Vulnerabilit" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01", "url": "https://linux.oracle.com/errata/ELSA-2021-9150.html" }, { "category": "external", "summary": "F5 Security Advisory K90492697 vom 2021-05-18", "url": "https://support.f5.com/csp/article/K90492697" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08", "url": "https://linux.oracle.com/errata/ELSA-2022-9272.html" }, { "category": "external", "summary": "Dell Knowledge Base Article", "url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities" } ], "source_lang": "en-US", "title": "OpenSSL: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-01-25T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:58:04.986+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0209", "initial_release_date": "2016-09-22T22:00:00.000+00:00", "revision_history": [ { "date": "2016-09-22T22:00:00.000+00:00", "number": "1", "summary": "Initial Release" }, { "date": "2016-09-22T22:00:00.000+00:00", "number": "2", "summary": "Version nicht vorhanden" }, { "date": "2016-09-25T22:00:00.000+00:00", "number": "3", "summary": "New remediations available" }, { "date": "2016-09-25T22:00:00.000+00:00", "number": "4", "summary": "Version nicht vorhanden" }, { "date": "2016-09-26T22:00:00.000+00:00", "number": "5", "summary": "New remediations available" }, { "date": "2016-09-26T22:00:00.000+00:00", "number": "6", "summary": "Version nicht vorhanden" }, { "date": "2016-09-27T22:00:00.000+00:00", "number": "7", "summary": "New remediations available" }, { "date": "2016-09-27T22:00:00.000+00:00", "number": "8", "summary": "New remediations available" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "9", "summary": "New remediations available" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "10", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "11", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "12", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "13", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "14", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "15", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "16", "summary": "Version nicht vorhanden" }, { "date": "2016-10-06T22:00:00.000+00:00", "number": "17", "summary": "New remediations available" }, { "date": "2016-10-06T22:00:00.000+00:00", "number": "18", "summary": "New remediations available" }, { "date": "2016-10-06T22:00:00.000+00:00", "number": "19", "summary": "Version nicht vorhanden" }, { "date": "2016-10-16T22:00:00.000+00:00", "number": "20", "summary": "New remediations available" }, { "date": "2016-10-16T22:00:00.000+00:00", "number": "21", "summary": "Version nicht vorhanden" }, { "date": "2016-10-16T22:00:00.000+00:00", "number": "22", "summary": "Version nicht vorhanden" }, { "date": "2016-10-16T22:00:00.000+00:00", "number": "23", "summary": "Version nicht vorhanden" }, { "date": "2016-10-16T22:00:00.000+00:00", "number": "24", "summary": "Version nicht vorhanden" }, { "date": "2016-10-16T22:00:00.000+00:00", "number": "25", "summary": "Version nicht vorhanden" }, { "date": "2016-10-16T22:00:00.000+00:00", "number": "26", "summary": "Version nicht vorhanden" }, { "date": "2016-10-24T22:00:00.000+00:00", "number": "27", "summary": "New remediations available" }, { "date": "2016-10-25T22:00:00.000+00:00", "number": "28", "summary": "New remediations available" }, { "date": "2016-10-25T22:00:00.000+00:00", "number": "29", "summary": "New remediations available" }, { "date": "2016-10-25T22:00:00.000+00:00", "number": "30", "summary": "Version nicht vorhanden" }, { "date": "2016-10-25T22:00:00.000+00:00", "number": "31", "summary": "Version nicht vorhanden" }, { "date": "2016-10-31T23:00:00.000+00:00", "number": "32", "summary": "New remediations available" }, { "date": "2016-11-01T23:00:00.000+00:00", "number": "33", "summary": "New remediations available" }, { "date": "2016-11-01T23:00:00.000+00:00", "number": "34", "summary": "New remediations available" }, { "date": "2016-11-01T23:00:00.000+00:00", "number": "35", "summary": "Version nicht vorhanden" }, { "date": "2016-11-01T23:00:00.000+00:00", "number": "36", "summary": "Version nicht vorhanden" }, { "date": "2016-11-06T23:00:00.000+00:00", "number": "37", "summary": "New remediations available" }, { "date": "2016-11-06T23:00:00.000+00:00", "number": "38", "summary": "Version nicht vorhanden" }, { "date": "2016-11-14T23:00:00.000+00:00", "number": "39", "summary": "New remediations available" }, { "date": "2016-11-17T23:00:00.000+00:00", "number": "40", "summary": "New remediations available" }, { "date": "2016-11-17T23:00:00.000+00:00", "number": "41", "summary": "Version nicht vorhanden" }, { "date": "2016-11-17T23:00:00.000+00:00", "number": "42", "summary": "Version nicht vorhanden" }, { "date": "2016-11-30T23:00:00.000+00:00", "number": "43", "summary": "New remediations available" }, { "date": "2016-11-30T23:00:00.000+00:00", "number": "44", "summary": "Version nicht vorhanden" }, { "date": "2016-11-30T23:00:00.000+00:00", "number": "45", "summary": "Version nicht vorhanden" }, { "date": "2016-12-18T23:00:00.000+00:00", "number": "46", "summary": "New remediations available" }, { "date": "2016-12-20T23:00:00.000+00:00", "number": "47", "summary": "New remediations available" }, { "date": "2016-12-22T23:00:00.000+00:00", "number": "48", "summary": "New remediations available" }, { "date": "2017-01-11T23:00:00.000+00:00", "number": "49", "summary": "New remediations available" }, { "date": "2017-01-12T23:00:00.000+00:00", "number": "50", "summary": "New remediations available" }, { "date": "2017-01-12T23:00:00.000+00:00", "number": "51", "summary": "Version nicht vorhanden" }, { "date": "2017-01-25T23:00:00.000+00:00", "number": "52", "summary": "New remediations available" }, { "date": "2017-01-31T23:00:00.000+00:00", "number": "53", "summary": "New remediations available" }, { "date": "2017-02-14T23:00:00.000+00:00", "number": "54", "summary": "New remediations available" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "55", "summary": "New remediations available" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "56", "summary": "New remediations available" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "57", "summary": "Version nicht vorhanden" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "58", "summary": "New remediations available" }, { "date": "2017-03-19T23:00:00.000+00:00", "number": "59", "summary": "New remediations available" }, { "date": "2017-03-19T23:00:00.000+00:00", "number": "60", "summary": "Version nicht vorhanden" }, { "date": "2017-03-19T23:00:00.000+00:00", "number": "61", "summary": "Version nicht vorhanden" }, { "date": "2017-06-07T22:00:00.000+00:00", "number": "62", "summary": "New remediations available" }, { "date": "2017-06-07T22:00:00.000+00:00", "number": "63", "summary": "New remediations available" }, { "date": "2017-06-28T22:00:00.000+00:00", "number": "64", "summary": "New remediations available" }, { "date": "2017-07-05T22:00:00.000+00:00", "number": "65", "summary": "Added references" }, { "date": "2017-08-31T22:00:00.000+00:00", "number": "66", "summary": "Version nicht vorhanden" }, { "date": "2017-09-13T22:00:00.000+00:00", "number": "67", "summary": "New remediations available" }, { "date": "2017-09-13T22:00:00.000+00:00", "number": "68", "summary": "Version nicht vorhanden" }, { "date": "2017-11-02T23:00:00.000+00:00", "number": "69", "summary": "New remediations available" }, { "date": "2017-11-05T23:00:00.000+00:00", "number": "70", "summary": "New remediations available" }, { "date": "2017-12-07T23:00:00.000+00:00", "number": "71", "summary": "New remediations available" }, { "date": "2018-01-30T23:00:00.000+00:00", "number": "72", "summary": "New remediations available" }, { "date": "2018-07-03T22:00:00.000+00:00", "number": "73", "summary": "New remediations available" }, { "date": "2018-07-12T22:00:00.000+00:00", "number": "74", "summary": "New remediations available" }, { "date": "2018-07-15T22:00:00.000+00:00", "number": "75", "summary": "New remediations available" }, { "date": "2018-11-05T23:00:00.000+00:00", "number": "76", "summary": "Added references" }, { "date": "2019-02-07T23:00:00.000+00:00", "number": "77", "summary": "Neue Updates von NetApp aufgenommen" }, { "date": "2019-03-13T23:00:00.000+00:00", "number": "78", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2019-05-20T22:00:00.000+00:00", "number": "79", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2019-08-18T22:00:00.000+00:00", "number": "80", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2019-09-26T22:00:00.000+00:00", "number": "81", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-03-30T22:00:00.000+00:00", "number": "82", "summary": "Neue Updates von EMC aufgenommen" }, { "date": "2021-03-31T22:00:00.000+00:00", "number": "83", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-05-17T22:00:00.000+00:00", "number": "84", "summary": "Neue Updates von F5 aufgenommen" }, { "date": "2022-04-10T22:00:00.000+00:00", "number": "85", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-01-25T23:00:00.000+00:00", "number": "86", "summary": "Neue Updates von Dell aufgenommen" } ], "status": "final", "version": "86" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Arista EOS", "product": { "name": "Arista EOS", "product_id": "T006486", "product_identification_helper": { "cpe": "cpe:/o:arista:arista_eos:4.15" } } } ], "category": "vendor", "name": "Arista" }, { "branches": [ { "category": "product_name", "name": "Cisco Advanced Malware Protection", "product": { "name": "Cisco Advanced Malware Protection", "product_id": "T007044", "product_identification_helper": { "cpe": "cpe:/h:cisco:advanced_malware_protection:-" } } }, { "category": "product_name", "name": "Cisco AnyConnect Secure Mobility Solution", "product": { "name": "Cisco AnyConnect Secure Mobility Solution", "product_id": "148715", "product_identification_helper": { "cpe": "cpe:/a:cisco:anyconnect_secure_mobility_client:2.0" } } }, { "category": "product_name", "name": "Cisco Email Security Appliance", "product": { "name": "Cisco Email Security Appliance", "product_id": "196900", "product_identification_helper": { "cpe": "cpe:/h:cisco:email_security_appliance:-" } } }, { "category": "product_name", "name": "Cisco Emergency Responder (ER)", "product": { "name": "Cisco Emergency Responder (ER)", "product_id": "2040", "product_identification_helper": { "cpe": "cpe:/a:cisco:emergency_responder:-" } } }, { "category": "product_name", "name": "Cisco IOS", "product": { "name": "Cisco IOS", "product_id": "18557", "product_identification_helper": { "cpe": "cpe:/o:cisco:ios:10.0" } } }, { "category": "product_name", "name": "Cisco IOS XE", "product": { "name": "Cisco IOS XE", "product_id": "153141", "product_identification_helper": { "cpe": "cpe:/o:cisco:ios_xe:3.1.0s" } } }, { "category": "product_name", "name": "Cisco IP Phone", "product": { "name": "Cisco IP Phone", "product_id": "2070", "product_identification_helper": { "cpe": "cpe:/h:cisco:ip_phone:-" } } }, { "category": "product_name", "name": "Cisco MDS 9000", "product": { "name": "Cisco MDS 9000", "product_id": "T001069", "product_identification_helper": { "cpe": "cpe:/o:cisco:mds_9000:-" } } }, { "category": "product_name", "name": "Cisco Network Analysis Module", "product": { "name": "Cisco Network Analysis Module", "product_id": "2084", "product_identification_helper": { "cpe": "cpe:/h:cisco:network_analysis_module:-" } } }, { "category": "product_name", "name": "Cisco Nexus 2000", "product": { "name": "Cisco Nexus 2000", "product_id": "T003851", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus:3000" } } }, { "category": "product_name", "name": "Cisco Packet Tracer", "product": { "name": "Cisco Packet Tracer", "product_id": "131351", "product_identification_helper": { "cpe": "cpe:/a:cisco:packet_tracer:5.2" } } }, { "category": "product_name", "name": "Cisco Prime Collaboration", "product": { "name": "Cisco Prime Collaboration", "product_id": "190829", "product_identification_helper": { "cpe": "cpe:/a:cisco:prime_collaboration:-" } } }, { "category": "product_name", "name": "Cisco Prime Infrastructure", "product": { "name": "Cisco Prime Infrastructure", "product_id": "T000756", "product_identification_helper": { "cpe": "cpe:/a:cisco:prime_infrastructure:-" } } }, { "category": "product_name", "name": "Cisco Secure Access Control Server (ACS)", "product": { "name": "Cisco Secure Access Control Server (ACS)", "product_id": "138491", "product_identification_helper": { "cpe": "cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows" } } }, { "category": "product_name", "name": "Cisco Security Manager (CSM)", "product": { "name": "Cisco Security Manager (CSM)", "product_id": "95918", "product_identification_helper": { "cpe": "cpe:/a:cisco:security_manager:-" } } }, { "category": "product_name", "name": "Cisco Show and Share", "product": { "name": "Cisco Show and Share", "product_id": "T003254", "product_identification_helper": { "cpe": "cpe:/a:cisco:show_and_share:-" } } }, { "category": "product_name", "name": "Cisco Unified Communications Domain Manager (CUCDM)", "product": { "name": "Cisco Unified Communications Domain Manager (CUCDM)", "product_id": "189046", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_communications_domain_manager:-" } } }, { "category": "product_name", "name": "Cisco Unified Communications Manager (CUCM)", "product": { "name": "Cisco Unified Communications Manager (CUCM)", "product_id": "2142", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_communications_manager:-" } } }, { "category": "product_name", "name": "Cisco Unified Contact Center Enterprise", "product": { "name": "Cisco Unified Contact Center Enterprise", "product_id": "2143", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_contact_center_enterprise:-" } } }, { "category": "product_name", "name": "Cisco Unified IP Phone", "product": { "name": "Cisco Unified IP Phone", "product_id": "T001530", "product_identification_helper": { "cpe": "cpe:/h:cisco:unified_ip_phones:::9900_series" } } }, { "category": "product_name", "name": "Cisco Unity Connection", "product": { "name": "Cisco Unity Connection", "product_id": "161504", "product_identification_helper": { "cpe": "cpe:/a:cisco:unity_connection:1.1" } } }, { "category": "product_name", "name": "Cisco Unity Express", "product": { "name": "Cisco Unity Express", "product_id": "2002", "product_identification_helper": { "cpe": "cpe:/h:cisco:unity_express:-" } } }, { "category": "product_name", "name": "Cisco WebEx Meeting Center", "product": { "name": "Cisco WebEx Meeting Center", "product_id": "T002323", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex_meeting_center:-" } } }, { "category": "product_name", "name": "Cisco WebEx Meetings Server", "product": { "name": "Cisco WebEx Meetings Server", "product_id": "T001160", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex_meetings_server:-" } } }, { "category": "product_name", "name": "Cisco Wide Area Application Services", "product": { "name": "Cisco Wide Area Application Services", "product_id": "2186", "product_identification_helper": { "cpe": "cpe:/a:cisco:wide_area_application_services:-" } } }, { "category": "product_name", "name": "Cisco Wireless LAN Controllers", "product": { "name": "Cisco Wireless LAN Controllers", "product_id": "1889", "product_identification_helper": { "cpe": "cpe:/a:cisco:wireless_lan_controllers:-" } } } ], "category": "vendor", "name": "Cisco" }, { "branches": [ { "category": "product_name", "name": "Debian Linux Jessie (8.0)", "product": { "name": "Debian Linux Jessie (8.0)", "product_id": "310725", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:8.0" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Dell NetWorker \u003c 19.10", "product": { "name": "Dell NetWorker \u003c 19.10", "product_id": "T032354", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:19.10" } } } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "Fortinet FortiOS", "product": { "name": "Fortinet FortiOS", "product_id": "T009615", "product_identification_helper": { "cpe": "cpe:/o:fortinet:fortios:-" } } } ], "category": "vendor", "name": "Fortinet" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "FreeBSD Project FreeBSD OS 9", "product": { "name": "FreeBSD Project FreeBSD OS 9", "product_id": "157037", "product_identification_helper": { "cpe": "cpe:/o:freebsd:freebsd:9.0" } } }, { "category": "product_name", "name": "FreeBSD Project FreeBSD OS 9.3", "product": { "name": "FreeBSD Project FreeBSD OS 9.3", "product_id": "T003390", "product_identification_helper": { "cpe": "cpe:/o:freebsd:freebsd:9.3" } } }, { "category": "product_name", "name": "FreeBSD Project FreeBSD OS 10 - 10.3", "product": { "name": "FreeBSD Project FreeBSD OS 10 - 10.3", "product_id": "T007633", "product_identification_helper": { "cpe": "cpe:/o:freebsd:freebsd:10.3" } } }, { "category": "product_name", "name": "FreeBSD Project FreeBSD OS 11 - 11.0", "product": { "name": "FreeBSD Project FreeBSD OS 11 - 11.0", "product_id": "T008147", "product_identification_helper": { "cpe": "cpe:/o:freebsd:freebsd:11" } } } ], "category": "product_name", "name": "FreeBSD OS" } ], "category": "vendor", "name": "FreeBSD Project" }, { "branches": [ { "category": "product_name", "name": "HPE Integrated Lights-Out 4", "product": { "name": "HPE Integrated Lights-Out 4", "product_id": "205828", "product_identification_helper": { "cpe": "cpe:/h:hp:integrated_lights-out:4.0" } } } ], "category": "vendor", "name": "HPE" }, { "branches": [ { "category": "product_name", "name": "Juniper JUNOS", "product": { "name": "Juniper JUNOS", "product_id": "5930", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:-" } } }, { "category": "product_name", "name": "Juniper Junos Space", "product": { "name": "Juniper Junos Space", "product_id": "T003343", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:-" } } }, { "category": "product_name", "name": "Juniper ScreenOS", "product": { "name": "Juniper ScreenOS", "product_id": "T008638", "product_identification_helper": { "cpe": "cpe:/o:juniper:screenos:-" } } } ], "category": "vendor", "name": "Juniper" }, { "branches": [ { "category": "product_name", "name": "NetApp OnCommand Unified Manager", "product": { "name": "NetApp OnCommand Unified Manager", "product_id": "T009408", "product_identification_helper": { "cpe": "cpe:/a:netapp:oncommand_unified_manager:-" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } }, { "branches": [ { "category": "product_name", "name": "Open Source OpenSSL \u003c 1.1.0a", "product": { "name": "Open Source OpenSSL \u003c 1.1.0a", "product_id": "T008528", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.1.0a" } } }, { "category": "product_name", "name": "Open Source OpenSSL \u003c 1.0.2i", "product": { "name": "Open Source OpenSSL \u003c 1.0.2i", "product_id": "T008529", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.0.2i" } } }, { "category": "product_name", "name": "Open Source OpenSSL \u003c 1.0.1u", "product": { "name": "Open Source OpenSSL \u003c 1.0.1u", "product_id": "T008530", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.0.1u" } } } ], "category": "product_name", "name": "OpenSSL" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Tenable Security Nessus 6.8 - 6.8.2", "product": { "name": "Tenable Security Nessus 6.8 - 6.8.2", "product_id": "T008769", "product_identification_helper": { "cpe": "cpe:/a:tenable:nessus:6.8.2" } } } ], "category": "vendor", "name": "Tenable Security" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu Linux 12.04 LTS", "product": { "name": "Ubuntu Linux 12.04 LTS", "product_id": "170497", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:12.04:-:lts" } } }, { "category": "product_name", "name": "Ubuntu Linux 14.04 LTS", "product": { "name": "Ubuntu Linux 14.04 LTS", "product_id": "T003005", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:14.04:-:lts" } } }, { "category": "product_name", "name": "Ubuntu Linux 16.04 LTS", "product": { "name": "Ubuntu Linux 16.04 LTS", "product_id": "T007521", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:16.04_lts" } } } ], "category": "product_name", "name": "Linux" } ], "category": "vendor", "name": "Ubuntu" }, { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server", "product": { "name": "Xerox FreeFlow Print Server", "product_id": "T000700", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:8" } } }, { "category": "product_name", "name": "Xerox Phaser", "product": { "name": "Xerox Phaser", "product_id": "T004484", "product_identification_helper": { "cpe": "cpe:/h:xerox:phaser:-" } } }, { "category": "product_name", "name": "Xerox WorkCentre", "product": { "name": "Xerox WorkCentre", "product_id": "T000855", "product_identification_helper": { "cpe": "cpe:/h:xerox:workcentre:-" } } } ], "category": "vendor", "name": "Xerox" }, { "branches": [ { "category": "product_name", "name": "Blue Coat Director 6.1", "product": { "name": "Blue Coat Director 6.1", "product_id": "T006616", "product_identification_helper": { "cpe": "cpe:/a:bluecoat:director:6.1" } } }, { "category": "product_name", "name": "Blue Coat ProxyAV 3.5", "product": { "name": "Blue Coat ProxyAV 3.5", "product_id": "T003290", "product_identification_helper": { "cpe": "cpe:/h:bluecoat:proxyav:3.5" } } }, { "branches": [ { "category": "product_name", "name": "Blue Coat ProxySG 6.6", "product": { "name": "Blue Coat ProxySG 6.6", "product_id": "T006617", "product_identification_helper": { "cpe": "cpe:/h:bluecoat:proxysg:6.6" } } }, { "category": "product_name", "name": "Blue Coat ProxySG 6.5", "product": { "name": "Blue Coat ProxySG 6.5", "product_id": "T006618", "product_identification_helper": { "cpe": "cpe:/h:bluecoat:proxysg:6.5" } } } ], "category": "product_name", "name": "proxysg" } ], "category": "vendor", "name": "bluecoat" }, { "branches": [ { "category": "product_name", "name": "Cisco Aironet Access Point", "product": { "name": "Cisco Aironet Access Point", "product_id": "177610", "product_identification_helper": { "cpe": "cpe:/h:cisco:aironet_3500:-" } } }, { "category": "product_name", "name": "Cisco ACE", "product": { "name": "Cisco ACE", "product_id": "171387", "product_identification_helper": { "cpe": "cpe:/a:cisco:application_control_engine_software:a1%287%29" } } }, { "category": "product_name", "name": "Cisco Application Networking Manager", "product": { "name": "Cisco Application Networking Manager", "product_id": "T000614", "product_identification_helper": { "cpe": "cpe:/a:cisco:application_networking_manager:-" } } }, { "category": "product_name", "name": "Cisco Digital Media Manager", "product": { "name": "Cisco Digital Media Manager", "product_id": "201470", "product_identification_helper": { "cpe": "cpe:/a:cisco:digital_media_manager:-" } } }, { "category": "product_name", "name": "Cisco Intrusion Prevention System (IPS)", "product": { "name": "Cisco Intrusion Prevention System (IPS)", "product_id": "2056", "product_identification_helper": { "cpe": "cpe:/h:cisco:intrusion_prevention_system:-" } } }, { "category": "product_name", "name": "Cisco Nexus 1000V", "product": { "name": "Cisco Nexus 1000V", "product_id": "160893", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_1000v:-" } } }, { "category": "product_name", "name": "Cisco Nexus 5000", "product": { "name": "Cisco Nexus 5000", "product_id": "110496", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_5000:-" } } }, { "category": "product_name", "name": "Cisco Nexus 6000", "product": { "name": "Cisco Nexus 6000", "product_id": "T004721", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_6000:-" } } }, { "category": "product_name", "name": "Cisco Nexus 7000", "product": { "name": "Cisco Nexus 7000", "product_id": "110495", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_7000:-" } } }, { "category": "product_name", "name": "Cisco Nexus 9000", "product": { "name": "Cisco Nexus 9000", "product_id": "T004723", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_9000:-" } } }, { "category": "product_name", "name": "Cisco ONS", "product": { "name": "Cisco ONS", "product_id": "T002252", "product_identification_helper": { "cpe": "cpe:/h:cisco:ons:15454" } } }, { "category": "product_name", "name": "Cisco Small Business 300 Series Managed Switches", "product": { "name": "Cisco Small Business 300 Series Managed Switches", "product_id": "T000752", "product_identification_helper": { "cpe": "cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76" } } }, { "category": "product_name", "name": "Cisco TelePresence", "product": { "name": "Cisco TelePresence", "product_id": "161441", "product_identification_helper": { "cpe": "cpe:/h:cisco:telepresence_video_communication_server:-::control" } } }, { "category": "product_name", "name": "Cisco Unified Contact Center Express (UCCX)", "product": { "name": "Cisco Unified Contact Center Express (UCCX)", "product_id": "T003053", "product_identification_helper": { "cpe": "cpe:/h:cisco:unified_contact_center_express:-" } } }, { "category": "product_name", "name": "Cisco Unified MeetingPlace (MP)", "product": { "name": "Cisco Unified MeetingPlace (MP)", "product_id": "2153", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_meetingplace:-" } } }, { "category": "product_name", "name": "Cisco Video Surveillance", "product": { "name": "Cisco Video Surveillance", "product_id": "64489", "product_identification_helper": { "cpe": "cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-" } } }, { "category": "product_name", "name": "Cisco WebEx Node for MCS", "product": { "name": "Cisco WebEx Node for MCS", "product_id": "T001162", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex_node_for_mcs:-" } } } ], "category": "vendor", "name": "cisco" }, { "branches": [ { "category": "product_name", "name": "F5 ARX 6.2.0 - 6.4.0", "product": { "name": "F5 ARX 6.2.0 - 6.4.0", "product_id": "T001664", "product_identification_helper": { "cpe": "cpe:/a:f5:arx:-" } } }, { "category": "product_name", "name": "F5 WAN Optimization Manager", "product": { "name": "F5 WAN Optimization Manager", "product_id": "T001721", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_wan_optimization_manager:-" } } }, { "category": "product_name", "name": "F5 WebAccelerator", "product": { "name": "F5 WebAccelerator", "product_id": "T001411", "product_identification_helper": { "cpe": "cpe:/h:f5:big-ip_webaccelerator:10.2.4" } } }, { "category": "product_name", "name": "F5 FirePass", "product": { "name": "F5 FirePass", "product_id": "T001665", "product_identification_helper": { "cpe": "cpe:/a:f5:firepass:-" } } } ], "category": "vendor", "name": "f5" }, { "branches": [ { "category": "product_name", "name": "HPE Loadrunner Software", "product": { "name": "HPE Loadrunner Software", "product_id": "72612", "product_identification_helper": { "cpe": "cpe:/a:hp:loadrunner:-" } } }, { "category": "product_name", "name": "HPE Performance Center", "product": { "name": "HPE Performance Center", "product_id": "T010661", "product_identification_helper": { "cpe": "cpe:/a:hp:performance_center:-" } } }, { "category": "product_name", "name": "HPE SiteScope", "product": { "name": "HPE SiteScope", "product_id": "T008871", "product_identification_helper": { "cpe": "cpe:/a:hp:sitescope:-" } } } ], "category": "vendor", "name": "hp" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Server", "product": { "name": "SUSE Linux Enterprise Server", "product_id": "T008429", "product_identification_helper": { "cpe": "cpe:/o:suse:linux_enterprise_server:12:ltss" } } } ], "category": "vendor", "name": "suse" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-2183", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSL im Zusammenhang mit verschl\u00fcsselten Sessions, die mit dem Verschl\u00fcsselungsalgorithmus Triple-DES (3DES) im Cipher Block Chaining (CBC) Modus chiffriert werden. Diese Schwachstelle beruht darauf, dass 3DES auf einer Blockgr\u00f6\u00dfe von 64 Bit basiert und aufgrund des Geburtstagsparadoxons bei gr\u00f6\u00dferen Datenmengen deshalb mit hoher Wahrscheinlichkeit Kollisionen im CBC Modus auftreten. In der Folge kann ein Angreifer, welcher sich in einer \"Man-in-the-Middle\" Position befindet und in der Lage ist gen\u00fcgend Datenverkehr mithilfe eines Known Plaintext Angriffs (Angreifer besitzt Geheimtext und den zugeh\u00f6rigen Klartext) zu generieren bzw. mitzulesen, diese Schwachstelle ausnutzen, um einen Kollisionsangriff durchzuf\u00fchren und verschl\u00fcsselte Inhalte offenzulegen. Voraussetzung f\u00fcr einen erfolgreichen Angriff ist, dass bei der Verschl\u00fcsselung der CBC Modus verwendet wurde und die mitgelesenen verschl\u00fcsselten Daten mit dem gleichen Session Schl\u00fcssel chiffriert wurden. Diese Angriffsmethode wird auch \"SWEET32\" genannt." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-2183" }, { "cve": "CVE-2016-2177", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-2177" }, { "cve": "CVE-2016-2179", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-2179" }, { "cve": "CVE-2016-2180", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-2180" }, { "cve": "CVE-2016-2181", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-2181" }, { "cve": "CVE-2016-2182", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-2182" }, { "cve": "CVE-2016-6302", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-6302" }, { "cve": "CVE-2016-6303", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-6303" }, { "cve": "CVE-2016-6304", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-6304" }, { "cve": "CVE-2016-6305", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-6305" }, { "cve": "CVE-2016-6306", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-6306" }, { "cve": "CVE-2016-6307", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-6307" }, { "cve": "CVE-2016-6308", "notes": [ { "category": "description", "text": "In OpenSSL existieren mehrere Denial of Service Schwachstellen. Diese Schwachstellen werden u.a. verursacht durch eine fehlerhafte Programmlogik von OpenSSL, fehlerhafte L\u00e4ngenpr\u00fcfungen von Nachrichten, die Client Certificates, Client Certificate Requests und Server Certificates betreffen, Funktionsaufrufe von \"SSL_peek()\", den Funktionen \"MDC2_Update\" und \"EVP_DigestUpdate()\", die fehlerhafte Verwendung von TLS Session Tickets, der Funktion \"BN_bn2dec\", der Funktion \"TS_OBJ_print_bio\", Fehler in der DTLS-Implementierung und fehlerhafte Berechnung von Pointern. In der Folge kann ein entfernter, anonymer Angreifer diese Schwachstellen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2070", "T001160", "72612", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "T010661", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "T000855", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-6308" }, { "cve": "CVE-2016-2178", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSL. Ein lokaler Angreifer kann einen Fehler im DSA signing Algorithmus ausnutzen um \u00fcber einen Side Chanel Angriff sensitive Daten des Signatur-Prozesses offenzulegen. So kann z.B. auch der DSA Private Key offengelegt werden." } ], "product_status": { "known_affected": [ "2070", "T001160", "157037", "T003343", "T009408", "T008638", "T006616", "2153", "T006618", "T006617", "T004914", "148715", "T000756", "T001721", "T000752", "5930", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T008147", "T003851", "T008429", "64489", "110495", "110496", "161441", "2040", "2084", "T032354", "138491", "T000700", "T002207", "95918", "310725", "T002323", "T003290", "T003053", "T007521", "67646", "T003005", "2056", "189046", "T000614", "2002", "T001665", "T001664", "T001069", "T001663", "177610", "18557", "153141", "T007044", "161504", "T004484", "T007633", "131351", "T008769", "T004721", "T009615", "205828", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "201470", "T001411", "T001530", "T003390", "171387", "1727", "1889" ] }, "release_date": "2016-09-22T22:00:00Z", "title": "CVE-2016-2178" } ] }
wid-sec-w-2022-1955
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- CISCO Appliance\n- F5 Networks\n- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-1955 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2022-1955.json" }, { "category": "self", "summary": "WID-SEC-2022-1955 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1955" }, { "category": "external", "summary": "Paper \"On the Practical (In-)Security of 64-bit Block Ciphers\" von Bhargavan und Leurent vom 2016-08-28", "url": "https://sweet32.info/SWEET32_CCS16.pdf" }, { "category": "external", "summary": "OpenSSL Blog vom 2016-08-24", "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/" }, { "category": "external", "summary": "Red Hat Knowledgebase Artikel \"SWEET32: Birthday attacks against TLS ciphers with 64bit block size\"", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "Debian Security Advisory DSA-3673 vom 2016-09-22", "url": "https://www.debian.org/security/2016/dsa-3673" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3087-2 vom 2016-09-23", "url": "http://www.ubuntu.com/usn/usn-3087-2/" }, { "category": "external", "summary": "SUSE Security Update Announcement ID SUSE-SU-2016:2387-1", "url": "https://www.suse.com/de-de/support/update/announcement/2016/suse-su-20162387-1.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2016:1940 vom 2016-09-27", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2394-1 vom 2016-09-27", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162394-1.html" }, { "category": "external", "summary": "CISCO Security Advisory CISCO-SA-20160927-OPENSSL vom 2016-09-27", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory\u0026vs_cat=Security%20Intelligence\u0026vs_type=RSS\u0026vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016\u0026vs_k=1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2458-1 vom 2016-10-05", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162458-1.html" }, { "category": "external", "summary": "Arista Security Advisory 0024 vom 2016-10-05", "url": "http://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "category": "external", "summary": "F5 Security Advisory sol13167034 vom 2016-10-05", "url": "https://support.f5.com/kb/en-us/solutions/public/k/13/sol13167034.html?ref=rss" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2468-1 vom 2016-10-07", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162468-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2469-1 vom 2016-10-07", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162469-1.html" }, { "category": "external", "summary": "Update des CISCO Security Advisory CISCO-SA-20160927-OPENSSL vom 2016-10-19", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory\u0026vs_cat=Security%20Intelligence\u0026vs_type=RSS\u0026vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016\u0026vs_k=1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2016:2470-2 vom 2016-11-01", "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162470-2.html" }, { "category": "external", "summary": "HPE SECURITY BULLETIN c05323116 vom 2016-11-01", "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05323116" }, { "category": "external", "summary": "BLUECOAT Security Advisory SA133 vom 2016-12-23", "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "category": "external", "summary": "HP Security Bulletin c05369403", "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05369403" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0460-1 vom 2017-02-14", "url": "https://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0490-1 vom 2017-02-17", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170490-1.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:0462 vom 2017-03-08", "url": "https://access.redhat.com/errata/RHSA-2017:0462" }, { "category": "external", "summary": "Xerox Security Bulletin XRX17-006 vom 2017-03-08", "url": "https://www.xerox.com/download/security/security-bulletin/2efe6-54a395387fa39/cert_XRX17-006_FFPSv8_UpdateManager_Mar2017.pdf" }, { "category": "external", "summary": "Xerox Security Bulletin XRX17-005 vom 2017-03-08", "url": "https://www.xerox.com/download/security/security-bulletin/312e6-54a3954424112/cert_XRX17-005_FFPSv7_v9_UpdateManager_Mar2017.pdf" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0719-1 vom 2017-03-17", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170719-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0716-1 vom 2017-03-17", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170716-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0726-1 vom 2017-03-17", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170726-1.html" }, { "category": "external", "summary": "Xerox Security Mini Bulletin XRX17D vom 2017-03-28", "url": "https://www.xerox.com/download/security/security-bulletin/252f0-54bcf4b63fb29/cert_Mini_Security_Bulletin_XRX17D_for_ConnectKey_R17-02_v1.0.docx" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:0839-1 vom 2017-03-29", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170839-1.html" }, { "category": "external", "summary": "HPE Security Bulletin HPESBUX03725 vom 2017-03-29", "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbux03725en_us" }, { "category": "external", "summary": "NetApp Advisory Number NTAP-20170119-0001", "url": "https://kb.netapp.com/support/s/article/ka51A00000007P2QAI/NTAP-20170119-0001?language=en_US" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3270-1 vom 2017-04-27", "url": "http://www.ubuntu.com/usn/usn-3270-1/" }, { "category": "external", "summary": "McAfee Security Advisory", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2017:1389-1 vom 2017-05-24", "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171389-1.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:2710 vom 2017-09-13", "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:2709 vom 2017-09-13", "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:2708 vom 2017-09-13", "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:3114 vom 2017-11-02", "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:3113 vom 2017-11-02", "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:3240 vom 2017-11-16", "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2017:3239 vom 2017-11-16", "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "category": "external", "summary": "McAfee Security Bulletin:SB10215", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20160915-0001 vom 2018-01-30", "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2018:2123 vom 2018-07-03", "url": "http://rhn.redhat.com/errata/RHSA-2018-2123.html" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2018:2123 vom 2018-07-13", "url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2018-2123-Moderate-CentOS-7-python-Security-Update-tp4645172.html" }, { "category": "external", "summary": "Dell/EMC Knowledge Base Article: 000529947", "url": "https://support.emc.com/kb/529947" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20170119-0001 vom 2019-02-07", "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" }, { "category": "external", "summary": "Fortinet PSIRT Advisory FG-IR-17-173", "url": "https://fortiguard.com/psirt/FG-IR-17-173" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13", "url": "http://linux.oracle.com/errata/ELSA-2019-4581.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2019:1245 vom 2019-05-20", "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "category": "external", "summary": "Xerox Mini Bulletin XRX19M", "url": "https://security.business.xerox.com/wp-content/uploads/2019/06/cert_Security_Mini_Bulletin_XRX19M_for_WC57xx.pdf" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16", "url": "http://linux.oracle.com/errata/ELSA-2019-4747.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2019:2859 vom 2019-09-27", "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "category": "external", "summary": "EMC Security Advisory 542344 vom 2020-03-31", "url": "https://www.dell.com/support/security/de-de/details/542344/DSA-2020-072-Dell-EMC-VNX2-Family-Security-Update-for-Multiple-Third-Party-Component-Vulnerabilit" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:3842 vom 2020-10-01", "url": "https://access.redhat.com/errata/RHSA-2020:3842" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01", "url": "https://linux.oracle.com/errata/ELSA-2021-9150.html" }, { "category": "external", "summary": "Juniper Security Advisory JSA11172 vom 2021-04-16", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11172" }, { "category": "external", "summary": "Juniper Security Advisory JSA11174 vom 2021-04-16", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11174" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08", "url": "https://linux.oracle.com/errata/ELSA-2022-9272.html" }, { "category": "external", "summary": "IBM Security Bulletin 6836869 vom 2022-11-04", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-vulnerable-to-sweet32-birthday-attack-cve-2016-2183/" }, { "category": "external", "summary": "HP Security Bulletin HPSBPI03823 vom 2022-12-06", "url": "https://support.hp.com/us-en/document/ish_7328903-7328970-16/HPSBPI03823" }, { "category": "external", "summary": "Dell Knowledge Base Article", "url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities" } ], "source_lang": "en-US", "title": "OpenSSL: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen", "tracking": { "current_release_date": "2024-01-25T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:02:31.528+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-1955", "initial_release_date": "2016-08-28T22:00:00.000+00:00", "revision_history": [ { "date": "2016-08-28T22:00:00.000+00:00", "number": "1", "summary": "Initial Release" }, { "date": "2016-08-28T22:00:00.000+00:00", "number": "2", "summary": "Version nicht vorhanden" }, { "date": "2016-08-28T22:00:00.000+00:00", "number": "3", "summary": "Version nicht vorhanden" }, { "date": "2016-09-22T22:00:00.000+00:00", "number": "4", "summary": "New remediations available" }, { "date": "2016-09-25T22:00:00.000+00:00", "number": "5", "summary": "New remediations available" }, { "date": "2016-09-25T22:00:00.000+00:00", "number": "6", "summary": "Version nicht vorhanden" }, { "date": "2016-09-26T22:00:00.000+00:00", "number": "7", "summary": "New remediations available" }, { "date": "2016-09-26T22:00:00.000+00:00", "number": "8", "summary": "Version nicht vorhanden" }, { "date": "2016-09-27T22:00:00.000+00:00", "number": "9", "summary": "New remediations available" }, { "date": "2016-09-27T22:00:00.000+00:00", "number": "10", "summary": "New remediations available" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "11", "summary": "New remediations available" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "12", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "13", "summary": "Version nicht vorhanden" }, { "date": "2016-10-05T22:00:00.000+00:00", "number": "14", "summary": "Version nicht vorhanden" }, { "date": "2016-10-06T22:00:00.000+00:00", "number": "15", "summary": "New remediations available" }, { "date": "2016-10-06T22:00:00.000+00:00", "number": "16", "summary": "Version nicht vorhanden" }, { "date": "2016-10-06T22:00:00.000+00:00", "number": "17", "summary": "Version nicht vorhanden" }, { "date": "2016-11-01T23:00:00.000+00:00", "number": "18", "summary": "New remediations available" }, { "date": "2016-11-01T23:00:00.000+00:00", "number": "19", "summary": "New remediations available" }, { "date": "2016-11-01T23:00:00.000+00:00", "number": "20", "summary": "Version nicht vorhanden" }, { "date": "2016-12-22T23:00:00.000+00:00", "number": "21", "summary": "New remediations available" }, { "date": "2017-01-12T23:00:00.000+00:00", "number": "22", "summary": "New remediations available" }, { "date": "2017-01-12T23:00:00.000+00:00", "number": "23", "summary": "Version nicht vorhanden" }, { "date": "2017-02-14T23:00:00.000+00:00", "number": "24", "summary": "New remediations available" }, { "date": "2017-02-19T23:00:00.000+00:00", "number": "25", "summary": "New remediations available" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "26", "summary": "New remediations available" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "27", "summary": "New remediations available" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "28", "summary": "Version nicht vorhanden" }, { "date": "2017-03-08T23:00:00.000+00:00", "number": "29", "summary": "New remediations available" }, { "date": "2017-03-19T23:00:00.000+00:00", "number": "30", "summary": "New remediations available" }, { "date": "2017-03-19T23:00:00.000+00:00", "number": "31", "summary": "Version nicht vorhanden" }, { "date": "2017-03-28T22:00:00.000+00:00", "number": "32", "summary": "New remediations available" }, { "date": "2017-03-29T22:00:00.000+00:00", "number": "33", "summary": "New remediations available" }, { "date": "2017-03-29T22:00:00.000+00:00", "number": "34", "summary": "Version nicht vorhanden" }, { "date": "2017-03-30T22:00:00.000+00:00", "number": "35", "summary": "New remediations available" }, { "date": "2017-03-30T22:00:00.000+00:00", "number": "36", "summary": "Version nicht vorhanden" }, { "date": "2017-04-27T22:00:00.000+00:00", "number": "37", "summary": "New remediations available" }, { "date": "2017-05-10T22:00:00.000+00:00", "number": "38", "summary": "New remediations available" }, { "date": "2017-05-23T22:00:00.000+00:00", "number": "39", "summary": "New remediations available" }, { "date": "2017-07-05T22:00:00.000+00:00", "number": "40", "summary": "Added references" }, { "date": "2017-09-13T22:00:00.000+00:00", "number": "41", "summary": "New remediations available" }, { "date": "2017-11-02T23:00:00.000+00:00", "number": "42", "summary": "New remediations available" }, { "date": "2017-11-16T23:00:00.000+00:00", "number": "43", "summary": "New remediations available" }, { "date": "2017-11-16T23:00:00.000+00:00", "number": "44", "summary": "New remediations available" }, { "date": "2017-12-07T23:00:00.000+00:00", "number": "45", "summary": "New remediations available" }, { "date": "2018-01-30T23:00:00.000+00:00", "number": "46", "summary": "New remediations available" }, { "date": "2018-07-03T22:00:00.000+00:00", "number": "47", "summary": "New remediations available" }, { "date": "2018-07-15T22:00:00.000+00:00", "number": "48", "summary": "New remediations available" }, { "date": "2018-11-05T23:00:00.000+00:00", "number": "49", "summary": "Added references" }, { "date": "2019-01-30T23:00:00.000+00:00", "number": "50", "summary": "Neue Updates von EMC aufgenommen" }, { "date": "2019-02-07T23:00:00.000+00:00", "number": "51", "summary": "Neue Updates von NetApp aufgenommen" }, { "date": "2019-03-03T23:00:00.000+00:00", "number": "52", "summary": "Neue Updates aufgenommen" }, { "date": "2019-03-13T23:00:00.000+00:00", "number": "53", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2019-05-20T22:00:00.000+00:00", "number": "54", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2019-07-30T22:00:00.000+00:00", "number": "55", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2019-08-18T22:00:00.000+00:00", "number": "56", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2019-09-26T22:00:00.000+00:00", "number": "57", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-03-30T22:00:00.000+00:00", "number": "58", "summary": "Neue Updates von EMC aufgenommen" }, { "date": "2020-09-30T22:00:00.000+00:00", "number": "59", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2021-03-31T22:00:00.000+00:00", "number": "60", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-04-15T22:00:00.000+00:00", "number": "61", "summary": "Neue Updates von Juniper aufgenommen" }, { "date": "2022-04-10T22:00:00.000+00:00", "number": "62", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2022-11-03T23:00:00.000+00:00", "number": "63", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2022-12-05T23:00:00.000+00:00", "number": "64", "summary": "Neue Updates von HP aufgenommen" }, { "date": "2024-01-25T23:00:00.000+00:00", "number": "65", "summary": "Neue Updates von Dell aufgenommen" } ], "status": "final", "version": "65" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Arista EOS", "product": { "name": "Arista EOS", "product_id": "T006486", "product_identification_helper": { "cpe": "cpe:/o:arista:arista_eos:4.15" } } } ], "category": "vendor", "name": "Arista" }, { "branches": [ { "category": "product_name", "name": "Cisco Advanced Malware Protection", "product": { "name": "Cisco Advanced Malware Protection", "product_id": "T007044", "product_identification_helper": { "cpe": "cpe:/h:cisco:advanced_malware_protection:-" } } }, { "category": "product_name", "name": "Cisco AnyConnect Secure Mobility Solution", "product": { "name": "Cisco AnyConnect Secure Mobility Solution", "product_id": "148715", "product_identification_helper": { "cpe": "cpe:/a:cisco:anyconnect_secure_mobility_client:2.0" } } }, { "category": "product_name", "name": "Cisco Email Security Appliance", "product": { "name": "Cisco Email Security Appliance", "product_id": "196900", "product_identification_helper": { "cpe": "cpe:/h:cisco:email_security_appliance:-" } } }, { "category": "product_name", "name": "Cisco Emergency Responder (ER)", "product": { "name": "Cisco Emergency Responder (ER)", "product_id": "2040", "product_identification_helper": { "cpe": "cpe:/a:cisco:emergency_responder:-" } } }, { "category": "product_name", "name": "Cisco IOS", "product": { "name": "Cisco IOS", "product_id": "18557", "product_identification_helper": { "cpe": "cpe:/o:cisco:ios:10.0" } } }, { "category": "product_name", "name": "Cisco IOS XE", "product": { "name": "Cisco IOS XE", "product_id": "153141", "product_identification_helper": { "cpe": "cpe:/o:cisco:ios_xe:3.1.0s" } } }, { "category": "product_name", "name": "Cisco IP Phone", "product": { "name": "Cisco IP Phone", "product_id": "2070", "product_identification_helper": { "cpe": "cpe:/h:cisco:ip_phone:-" } } }, { "category": "product_name", "name": "Cisco MDS 9000", "product": { "name": "Cisco MDS 9000", "product_id": "T001069", "product_identification_helper": { "cpe": "cpe:/o:cisco:mds_9000:-" } } }, { "category": "product_name", "name": "Cisco Network Analysis Module", "product": { "name": "Cisco Network Analysis Module", "product_id": "2084", "product_identification_helper": { "cpe": "cpe:/h:cisco:network_analysis_module:-" } } }, { "category": "product_name", "name": "Cisco Nexus 2000", "product": { "name": "Cisco Nexus 2000", "product_id": "T003851", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus:3000" } } }, { "category": "product_name", "name": "Cisco Packet Tracer", "product": { "name": "Cisco Packet Tracer", "product_id": "131351", "product_identification_helper": { "cpe": "cpe:/a:cisco:packet_tracer:5.2" } } }, { "category": "product_name", "name": "Cisco Prime Collaboration", "product": { "name": "Cisco Prime Collaboration", "product_id": "190829", "product_identification_helper": { "cpe": "cpe:/a:cisco:prime_collaboration:-" } } }, { "category": "product_name", "name": "Cisco Prime Infrastructure", "product": { "name": "Cisco Prime Infrastructure", "product_id": "T000756", "product_identification_helper": { "cpe": "cpe:/a:cisco:prime_infrastructure:-" } } }, { "category": "product_name", "name": "Cisco Secure Access Control Server (ACS)", "product": { "name": "Cisco Secure Access Control Server (ACS)", "product_id": "138491", "product_identification_helper": { "cpe": "cpe:/a:cisco:secure_access_control_server:2.1%284%29:-:windows" } } }, { "category": "product_name", "name": "Cisco Security Manager (CSM)", "product": { "name": "Cisco Security Manager (CSM)", "product_id": "95918", "product_identification_helper": { "cpe": "cpe:/a:cisco:security_manager:-" } } }, { "category": "product_name", "name": "Cisco Show and Share", "product": { "name": "Cisco Show and Share", "product_id": "T003254", "product_identification_helper": { "cpe": "cpe:/a:cisco:show_and_share:-" } } }, { "category": "product_name", "name": "Cisco Unified Communications Domain Manager (CUCDM)", "product": { "name": "Cisco Unified Communications Domain Manager (CUCDM)", "product_id": "189046", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_communications_domain_manager:-" } } }, { "category": "product_name", "name": "Cisco Unified Communications Manager (CUCM)", "product": { "name": "Cisco Unified Communications Manager (CUCM)", "product_id": "2142", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_communications_manager:-" } } }, { "category": "product_name", "name": "Cisco Unified Contact Center Enterprise", "product": { "name": "Cisco Unified Contact Center Enterprise", "product_id": "2143", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_contact_center_enterprise:-" } } }, { "category": "product_name", "name": "Cisco Unified IP Phone", "product": { "name": "Cisco Unified IP Phone", "product_id": "T001530", "product_identification_helper": { "cpe": "cpe:/h:cisco:unified_ip_phones:::9900_series" } } }, { "category": "product_name", "name": "Cisco Unity Connection", "product": { "name": "Cisco Unity Connection", "product_id": "161504", "product_identification_helper": { "cpe": "cpe:/a:cisco:unity_connection:1.1" } } }, { "category": "product_name", "name": "Cisco Unity Express", "product": { "name": "Cisco Unity Express", "product_id": "2002", "product_identification_helper": { "cpe": "cpe:/h:cisco:unity_express:-" } } }, { "category": "product_name", "name": "Cisco WebEx Meeting Center", "product": { "name": "Cisco WebEx Meeting Center", "product_id": "T002323", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex_meeting_center:-" } } }, { "category": "product_name", "name": "Cisco WebEx Meetings Server", "product": { "name": "Cisco WebEx Meetings Server", "product_id": "T001160", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex_meetings_server:-" } } }, { "category": "product_name", "name": "Cisco Wide Area Application Services", "product": { "name": "Cisco Wide Area Application Services", "product_id": "2186", "product_identification_helper": { "cpe": "cpe:/a:cisco:wide_area_application_services:-" } } }, { "category": "product_name", "name": "Cisco Wireless LAN Controllers", "product": { "name": "Cisco Wireless LAN Controllers", "product_id": "1889", "product_identification_helper": { "cpe": "cpe:/a:cisco:wireless_lan_controllers:-" } } } ], "category": "vendor", "name": "Cisco" }, { "branches": [ { "category": "product_name", "name": "Debian Linux Jessie (8.0)", "product": { "name": "Debian Linux Jessie (8.0)", "product_id": "310725", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:8.0" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Dell NetWorker \u003c 19.10", "product": { "name": "Dell NetWorker \u003c 19.10", "product_id": "T032354", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:19.10" } } } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "EMC VNX2", "product": { "name": "EMC VNX2", "product_id": "T004667", "product_identification_helper": { "cpe": "cpe:/h:emc:vnx:-" } } } ], "category": "vendor", "name": "EMC" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "HP LaserJet", "product": { "name": "HP LaserJet", "product_id": "T000052", "product_identification_helper": { "cpe": "cpe:/h:hp:laserjet:p3015" } } } ], "category": "vendor", "name": "HP" }, { "branches": [ { "category": "product_name", "name": "HPE HP-UX", "product": { "name": "HPE HP-UX", "product_id": "4871", "product_identification_helper": { "cpe": "cpe:/o:hp:hp-ux:-" } } }, { "category": "product_name", "name": "HPE Integrated Lights-Out 4", "product": { "name": "HPE Integrated Lights-Out 4", "product_id": "138952", "product_identification_helper": { "cpe": "cpe:/h:hp:integrated_lights-out:-" } } } ], "category": "vendor", "name": "HPE" }, { "branches": [ { "category": "product_name", "name": "IBM InfoSphere Information Server 11.7", "product": { "name": "IBM InfoSphere Information Server 11.7", "product_id": "444803", "product_identification_helper": { "cpe": "cpe:/a:ibm:infosphere_information_server:11.7" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Juniper Junos Space \u003c 21.1R1", "product": { "name": "Juniper Junos Space \u003c 21.1R1", "product_id": "T018907", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:21.1r1" } } } ], "category": "vendor", "name": "Juniper" }, { "branches": [ { "category": "product_name", "name": "NetApp OnCommand Unified Manager", "product": { "name": "NetApp OnCommand Unified Manager", "product_id": "T009408", "product_identification_helper": { "cpe": "cpe:/a:netapp:oncommand_unified_manager:-" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } }, { "category": "product_name", "name": "Open Source OpenSSL \u003c 1.1.0", "product": { "name": "Open Source OpenSSL \u003c 1.1.0", "product_id": "T008353", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.1.0" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu Linux 12.04 LTS", "product": { "name": "Ubuntu Linux 12.04 LTS", "product_id": "170497", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:12.04:-:lts" } } }, { "category": "product_name", "name": "Ubuntu Linux 14.04 LTS", "product": { "name": "Ubuntu Linux 14.04 LTS", "product_id": "T003005", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:14.04:-:lts" } } }, { "category": "product_name", "name": "Ubuntu Linux 16.04 LTS", "product": { "name": "Ubuntu Linux 16.04 LTS", "product_id": "T007521", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:16.04_lts" } } } ], "category": "product_name", "name": "Linux" } ], "category": "vendor", "name": "Ubuntu" }, { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server", "product": { "name": "Xerox FreeFlow Print Server", "product_id": "T000700", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:8" } } }, { "category": "product_name", "name": "Xerox WorkCentre", "product": { "name": "Xerox WorkCentre", "product_id": "T004090", "product_identification_helper": { "cpe": "cpe:/h:xerox:workcentre:-" } } } ], "category": "vendor", "name": "Xerox" }, { "branches": [ { "category": "product_name", "name": "Cisco Aironet Access Point", "product": { "name": "Cisco Aironet Access Point", "product_id": "177610", "product_identification_helper": { "cpe": "cpe:/h:cisco:aironet_3500:-" } } }, { "category": "product_name", "name": "Cisco ACE", "product": { "name": "Cisco ACE", "product_id": "171387", "product_identification_helper": { "cpe": "cpe:/a:cisco:application_control_engine_software:a1%287%29" } } }, { "category": "product_name", "name": "Cisco Application Networking Manager", "product": { "name": "Cisco Application Networking Manager", "product_id": "T000614", "product_identification_helper": { "cpe": "cpe:/a:cisco:application_networking_manager:-" } } }, { "category": "product_name", "name": "Cisco Digital Media Manager", "product": { "name": "Cisco Digital Media Manager", "product_id": "201470", "product_identification_helper": { "cpe": "cpe:/a:cisco:digital_media_manager:-" } } }, { "category": "product_name", "name": "Cisco Intrusion Prevention System (IPS)", "product": { "name": "Cisco Intrusion Prevention System (IPS)", "product_id": "2056", "product_identification_helper": { "cpe": "cpe:/h:cisco:intrusion_prevention_system:-" } } }, { "category": "product_name", "name": "Cisco Nexus 1000V", "product": { "name": "Cisco Nexus 1000V", "product_id": "160893", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_1000v:-" } } }, { "category": "product_name", "name": "Cisco Nexus 5000", "product": { "name": "Cisco Nexus 5000", "product_id": "110496", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_5000:-" } } }, { "category": "product_name", "name": "Cisco Nexus 6000", "product": { "name": "Cisco Nexus 6000", "product_id": "T004721", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_6000:-" } } }, { "category": "product_name", "name": "Cisco Nexus 7000", "product": { "name": "Cisco Nexus 7000", "product_id": "110495", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_7000:-" } } }, { "category": "product_name", "name": "Cisco Nexus 9000", "product": { "name": "Cisco Nexus 9000", "product_id": "T004723", "product_identification_helper": { "cpe": "cpe:/h:cisco:nexus_9000:-" } } }, { "category": "product_name", "name": "Cisco ONS", "product": { "name": "Cisco ONS", "product_id": "T002252", "product_identification_helper": { "cpe": "cpe:/h:cisco:ons:15454" } } }, { "category": "product_name", "name": "Cisco Small Business 300 Series Managed Switches", "product": { "name": "Cisco Small Business 300 Series Managed Switches", "product_id": "T000752", "product_identification_helper": { "cpe": "cpe:/h:cisco:small_business_300_series_managed_switches:1.2.7.76" } } }, { "category": "product_name", "name": "Cisco TelePresence", "product": { "name": "Cisco TelePresence", "product_id": "161441", "product_identification_helper": { "cpe": "cpe:/h:cisco:telepresence_video_communication_server:-::control" } } }, { "category": "product_name", "name": "Cisco Unified Contact Center Express (UCCX)", "product": { "name": "Cisco Unified Contact Center Express (UCCX)", "product_id": "T003053", "product_identification_helper": { "cpe": "cpe:/h:cisco:unified_contact_center_express:-" } } }, { "category": "product_name", "name": "Cisco Unified MeetingPlace (MP)", "product": { "name": "Cisco Unified MeetingPlace (MP)", "product_id": "2153", "product_identification_helper": { "cpe": "cpe:/a:cisco:unified_meetingplace:-" } } }, { "category": "product_name", "name": "Cisco Video Surveillance", "product": { "name": "Cisco Video Surveillance", "product_id": "64489", "product_identification_helper": { "cpe": "cpe:/a:cisco:video_surveillance_ip_gateway_encoder_decoder:-" } } }, { "category": "product_name", "name": "Cisco WebEx Node for MCS", "product": { "name": "Cisco WebEx Node for MCS", "product_id": "T001162", "product_identification_helper": { "cpe": "cpe:/a:cisco:webex_node_for_mcs:-" } } } ], "category": "vendor", "name": "cisco" }, { "branches": [ { "category": "product_name", "name": "F5 WAN Optimization Manager", "product": { "name": "F5 WAN Optimization Manager", "product_id": "T001721", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip_wan_optimization_manager:-" } } }, { "category": "product_name", "name": "F5 WebAccelerator", "product": { "name": "F5 WebAccelerator", "product_id": "T001411", "product_identification_helper": { "cpe": "cpe:/h:f5:big-ip_webaccelerator:10.2.4" } } }, { "category": "product_name", "name": "F5 Enterprise Manager", "product": { "name": "F5 Enterprise Manager", "product_id": "T000125", "product_identification_helper": { "cpe": "cpe:/a:f5:enterprise_manager:-" } } }, { "category": "product_name", "name": "F5 FirePass", "product": { "name": "F5 FirePass", "product_id": "T001665", "product_identification_helper": { "cpe": "cpe:/a:f5:firepass:-" } } } ], "category": "vendor", "name": "f5" }, { "branches": [ { "category": "product_name", "name": "HPE SiteScope", "product": { "name": "HPE SiteScope", "product_id": "T008871", "product_identification_helper": { "cpe": "cpe:/a:hp:sitescope:-" } } } ], "category": "vendor", "name": "hp" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Server", "product": { "name": "SUSE Linux Enterprise Server", "product_id": "T008429", "product_identification_helper": { "cpe": "cpe:/o:suse:linux_enterprise_server:12:ltss" } } } ], "category": "vendor", "name": "suse" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-2183", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSL im Zusammenhang mit verschl\u00fcsselten Sessions, die mit dem Verschl\u00fcsselungsalgorithmus Triple-DES (3DES) im Cipher Block Chaining (CBC) Modus chiffriert werden. Diese Schwachstelle beruht darauf, dass 3DES auf einer Blockgr\u00f6\u00dfe von 64 Bit basiert und aufgrund des Geburtstagsparadoxons bei gr\u00f6\u00dferen Datenmengen deshalb mit hoher Wahrscheinlichkeit Kollisionen im CBC Modus auftreten. In der Folge kann ein Angreifer, welcher sich in einer \"Man-in-the-Middle\" Position befindet und in der Lage ist gen\u00fcgend Datenverkehr mithilfe eines Known Plaintext Angriffs (Angreifer besitzt Geheimtext und den zugeh\u00f6rigen Klartext) zu generieren bzw. mitzulesen, diese Schwachstelle ausnutzen, um einen Kollisionsangriff durchzuf\u00fchren und verschl\u00fcsselte Inhalte offenzulegen. Voraussetzung f\u00fcr einen erfolgreichen Angriff ist, dass bei der Verschl\u00fcsselung der CBC Modus verwendet wurde und die mitgelesenen verschl\u00fcsselten Daten mit dem gleichen Session Schl\u00fcssel chiffriert wurden. Diese Angriffsmethode wird auch \"SWEET32\" genannt." } ], "product_status": { "known_affected": [ "2070", "T001160", "T009408", "138952", "2153", "T004914", "148715", "T000756", "T001721", "T000752", "T008871", "T002252", "T001162", "190829", "T006486", "T003254", "T003851", "T008429", "64489", "110495", "110496", "T004667", "161441", "2040", "2084", "T032354", "138491", "T000700", "T002207", "444803", "95918", "310725", "T002323", "T003053", "T007521", "67646", "4871", "T003005", "2056", "189046", "T000614", "2002", "T001665", "T004090", "T001069", "T001663", "177610", "18557", "T000052", "153141", "T007044", "161504", "131351", "T004721", "T004723", "2143", "2142", "2186", "160893", "196900", "170497", "T000125", "201470", "T001411", "T001530", "171387", "1727", "1889" ] }, "release_date": "2016-08-28T22:00:00Z", "title": "CVE-2016-2183" } ] }
gsd-2016-2183
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2016-2183", "description": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack.", "id": "GSD-2016-2183", "references": [ "https://www.suse.com/security/cve/CVE-2016-2183.html", "https://www.debian.org/security/2016/dsa-3673", "https://access.redhat.com/errata/RHSA-2021:2438", "https://access.redhat.com/errata/RHSA-2021:0308", "https://access.redhat.com/errata/RHSA-2020:3842", "https://access.redhat.com/errata/RHSA-2020:0451", "https://access.redhat.com/errata/RHSA-2019:2859", "https://access.redhat.com/errata/RHBA-2019:2581", "https://access.redhat.com/errata/RHSA-2019:1245", "https://access.redhat.com/errata/RHSA-2018:2123", "https://access.redhat.com/errata/RHSA-2017:3240", "https://access.redhat.com/errata/RHSA-2017:3239", "https://access.redhat.com/errata/RHSA-2017:3114", "https://access.redhat.com/errata/RHSA-2017:3113", "https://access.redhat.com/errata/RHSA-2017:2710", "https://access.redhat.com/errata/RHSA-2017:2709", "https://access.redhat.com/errata/RHSA-2017:2708", "https://access.redhat.com/errata/RHSA-2017:1216", "https://access.redhat.com/errata/RHSA-2017:0462", "https://access.redhat.com/errata/RHSA-2017:0338", "https://access.redhat.com/errata/RHSA-2017:0337", "https://access.redhat.com/errata/RHSA-2017:0336", "https://ubuntu.com/security/CVE-2016-2183", "https://advisories.mageia.org/CVE-2016-2183.html", "https://security.archlinux.org/CVE-2016-2183", "https://alas.aws.amazon.com/cve/html/CVE-2016-2183.html", "https://linux.oracle.com/cve/CVE-2016-2183.html", "https://packetstormsecurity.com/files/cve/CVE-2016-2183" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2016-2183" ], "details": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack.", "id": "GSD-2016-2183", "modified": "2023-12-13T01:21:19.285646Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-2183", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "name": "https://sweet32.info/", "refsource": "MISC", "url": "https://sweet32.info/" }, { "name": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/", "refsource": "MISC", "url": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/" }, { "name": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue", "refsource": "MISC", "url": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue" }, { "name": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633", "refsource": "MISC", "url": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633" }, { "name": "https://www.sigsac.org/ccs/CCS2016/accepted-papers/", "refsource": "MISC", "url": "https://www.sigsac.org/ccs/CCS2016/accepted-papers/" }, { "name": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/", "refsource": "MISC", "url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/" }, { "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "name": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/", "refsource": "MISC", "url": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039", "refsource": "MISC", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759", "refsource": "MISC", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310" }, { "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "name": "https://www.tenable.com/security/tns-2016-20", "refsource": "MISC", "url": "https://www.tenable.com/security/tns-2016-20" }, { "name": "http://www.splunk.com/view/SP-CAAAPSV", "refsource": "MISC", "url": "http://www.splunk.com/view/SP-CAAAPSV" }, { "name": "http://www.splunk.com/view/SP-CAAAPUE", "refsource": "MISC", "url": "http://www.splunk.com/view/SP-CAAAPUE" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" }, { "name": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html" }, { "name": "http://rhn.redhat.com/errata/RHSA-2017-0336.html", "refsource": "MISC", "url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html" }, { "name": "http://rhn.redhat.com/errata/RHSA-2017-0337.html", "refsource": "MISC", "url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html" }, { "name": "http://rhn.redhat.com/errata/RHSA-2017-0338.html", "refsource": "MISC", "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html" }, { "name": "http://rhn.redhat.com/errata/RHSA-2017-0462.html", "refsource": "MISC", "url": "http://rhn.redhat.com/errata/RHSA-2017-0462.html" }, { "name": "http://seclists.org/fulldisclosure/2017/Jul/31", "refsource": "MISC", "url": "http://seclists.org/fulldisclosure/2017/Jul/31" }, { "name": "http://seclists.org/fulldisclosure/2017/May/105", "refsource": "MISC", "url": "http://seclists.org/fulldisclosure/2017/May/105" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697", "refsource": "MISC", "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482", "refsource": "MISC", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482" }, { "name": "http://www.debian.org/security/2016/dsa-3673", "refsource": "MISC", "url": "http://www.debian.org/security/2016/dsa-3673" }, { "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", "refsource": "MISC", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "name": "http://www.securityfocus.com/archive/1/539885/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/540341/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/541104/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/542005/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded" }, { "name": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded", "refsource": "MISC", "url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded" }, { "name": "http://www.securityfocus.com/bid/92630", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/92630" }, { "name": "http://www.securityfocus.com/bid/95568", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/95568" }, { "name": "http://www.securitytracker.com/id/1036696", "refsource": "MISC", "url": "http://www.securitytracker.com/id/1036696" }, { "name": "http://www.ubuntu.com/usn/USN-3087-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3087-1" }, { "name": "http://www.ubuntu.com/usn/USN-3087-2", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3087-2" }, { "name": "http://www.ubuntu.com/usn/USN-3179-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3179-1" }, { "name": "http://www.ubuntu.com/usn/USN-3194-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3194-1" }, { "name": "http://www.ubuntu.com/usn/USN-3198-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3198-1" }, { "name": "http://www.ubuntu.com/usn/USN-3270-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3270-1" }, { "name": "http://www.ubuntu.com/usn/USN-3372-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3372-1" }, { "name": "https://access.redhat.com/articles/2548661", "refsource": "MISC", "url": "https://access.redhat.com/articles/2548661" }, { "name": "https://access.redhat.com/errata/RHSA-2017:1216", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, { "name": "https://access.redhat.com/errata/RHSA-2017:2708", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "name": "https://access.redhat.com/errata/RHSA-2017:2709", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "name": "https://access.redhat.com/errata/RHSA-2017:2710", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "name": "https://access.redhat.com/errata/RHSA-2017:3113", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "name": "https://access.redhat.com/errata/RHSA-2017:3114", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "name": "https://access.redhat.com/errata/RHSA-2017:3239", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "name": "https://access.redhat.com/errata/RHSA-2017:3240", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "name": "https://access.redhat.com/errata/RHSA-2018:2123", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2018:2123" }, { "name": "https://access.redhat.com/errata/RHSA-2019:1245", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "name": "https://access.redhat.com/errata/RHSA-2019:2859", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "name": "https://access.redhat.com/errata/RHSA-2020:0451", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, { "name": "https://access.redhat.com/security/cve/cve-2016-2183", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/cve-2016-2183" }, { "name": "https://bto.bluecoat.com/security-advisory/sa133", "refsource": "MISC", "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849", "refsource": "MISC", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849" }, { "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312", "refsource": "MISC", "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215" }, { "name": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/", "refsource": "MISC", "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" }, { "name": "https://seclists.org/bugtraq/2018/Nov/21", "refsource": "MISC", "url": "https://seclists.org/bugtraq/2018/Nov/21" }, { "name": "https://security.gentoo.org/glsa/201612-16", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/201612-16" }, { "name": "https://security.gentoo.org/glsa/201701-65", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/201701-65" }, { "name": "https://security.gentoo.org/glsa/201707-01", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/201707-01" }, { "name": "https://security.netapp.com/advisory/ntap-20160915-0001/", "refsource": "MISC", "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" }, { "name": "https://security.netapp.com/advisory/ntap-20170119-0001/", "refsource": "MISC", "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" }, { "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613", "refsource": "MISC", "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613" }, { "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178", "refsource": "MISC", "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178" }, { "name": "https://support.f5.com/csp/article/K13167034", "refsource": "MISC", "url": "https://support.f5.com/csp/article/K13167034" }, { "name": "https://wiki.opendaylight.org/view/Security_Advisories", "refsource": "MISC", "url": "https://wiki.opendaylight.org/view/Security_Advisories" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "name": "https://www.exploit-db.com/exploits/42091/", "refsource": "MISC", "url": "https://www.exploit-db.com/exploits/42091/" }, { "name": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html", "refsource": "MISC", "url": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html" }, { "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008", "refsource": "MISC", "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008" }, { "name": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/", "refsource": "MISC", "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/" }, { "name": "https://www.tenable.com/security/tns-2016-16", "refsource": "MISC", "url": "https://www.tenable.com/security/tns-2016-16" }, { "name": "https://www.tenable.com/security/tns-2016-21", "refsource": "MISC", "url": "https://www.tenable.com/security/tns-2016-21" }, { "name": "https://www.tenable.com/security/tns-2017-09", "refsource": "MISC", "url": "https://www.tenable.com/security/tns-2017-09" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.4.7", "versionStartIncluding": "3.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.5.3", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.13", "versionStartIncluding": "2.7.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_appliance:9.7.0-006:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_appliance:9.6.6-068:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndExcluding": "6.7.0", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndExcluding": "4.1.2", "versionStartIncluding": "4.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "cpe_name": [], "versionEndExcluding": "4.6.0", "versionStartIncluding": "4.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.12.16", "versionStartIncluding": "0.12.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.10.47", "versionStartIncluding": "0.10.0", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-2183" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-200" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "name": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/", "refsource": "CONFIRM", "tags": [ "Mitigation", "Press/Media Coverage", "Third Party Advisory" ], "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/" }, { "name": "https://access.redhat.com/articles/2548661", "refsource": "CONFIRM", "tags": [ "Mitigation", "Third Party Advisory" ], "url": "https://access.redhat.com/articles/2548661" }, { "name": "[tls] 20091120 RC4+3DES rekeying - long-lived TLS connections", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html" }, { "name": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/", "refsource": "MISC", "tags": [ "Press/Media Coverage", "Technical Description", "Third Party Advisory" ], "url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/" }, { "name": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633" }, { "name": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/", "refsource": "MISC", "tags": [ "Press/Media Coverage", "Technical Description", "Third Party Advisory" ], "url": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/" }, { "name": "https://www.sigsac.org/ccs/CCS2016/accepted-papers/", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.sigsac.org/ccs/CCS2016/accepted-papers/" }, { "name": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue" }, { "name": "https://access.redhat.com/security/cve/cve-2016-2183", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/security/cve/cve-2016-2183" }, { "name": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/", "refsource": "MISC", "tags": [ "Press/Media Coverage", "Technical Description", "Third Party Advisory" ], "url": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/" }, { "name": "https://sweet32.info/", "refsource": "MISC", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://sweet32.info/" }, { "name": "SUSE-SU-2016:2470", "refsource": "SUSE", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "name": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116" }, { "name": "92630", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/92630" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" }, { "name": "http://www.splunk.com/view/SP-CAAAPUE", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.splunk.com/view/SP-CAAAPUE" }, { "name": "http://www.splunk.com/view/SP-CAAAPSV", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.splunk.com/view/SP-CAAAPSV" }, { "name": "GLSA-201612-16", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201612-16" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171" }, { "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" }, { "name": "https://bto.bluecoat.com/security-advisory/sa133", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403" }, { "name": "95568", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/95568" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415" }, { "name": "https://www.tenable.com/security/tns-2016-16", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2016-16" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482" }, { "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" }, { "name": "GLSA-201701-65", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-65" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us" }, { "name": "GLSA-201707-01", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201707-01" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us" }, { "name": "1036696", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1036696" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "https://www.tenable.com/security/tns-2017-09", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2017-09" }, { "name": "https://www.tenable.com/security/tns-2016-21", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2016-21" }, { "name": "https://www.tenable.com/security/tns-2016-20", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2016-20" }, { "name": "https://security.netapp.com/advisory/ntap-20170119-0001/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" }, { "name": "https://security.netapp.com/advisory/ntap-20160915-0001/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" }, { "name": "RHSA-2017:3240", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "name": "RHSA-2017:3239", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "name": "RHSA-2017:3114", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "name": "RHSA-2017:3113", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "name": "RHSA-2017:2710", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "name": "RHSA-2017:2709", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "name": "RHSA-2017:2708", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "name": "RHSA-2017:1216", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, { "name": "RHSA-2017:0462", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0462.html" }, { "name": "RHSA-2017:0338", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html" }, { "name": "RHSA-2017:0337", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html" }, { "name": "RHSA-2017:0336", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "refsource": "MISC", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "name": "RHSA-2018:2123", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2123" }, { "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008" }, { "name": "RHSA-2019:1245", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "RHSA-2019:2859", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "name": "RHSA-2020:0451", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310" }, { "name": "N/A", "refsource": "N/A", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "name": "USN-3270-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-3270-1" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415" }, { "name": "SUSE-SU-2017:0490", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html" }, { "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded" }, { "name": "SUSE-SU-2017:0346", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html" }, { "name": "20181113 [security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information", "refsource": "BUGTRAQ", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2018/Nov/21" }, { "name": "SUSE-SU-2017:2699", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" }, { "name": "openSUSE-SU-2016:2537", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "name": "USN-3372-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-3372-1" }, { "name": "SUSE-SU-2016:2469", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" }, { "name": "20170529 SSD Advisory - IBM Informix Dynamic Server and Informix Open Admin Tool Multiple Vulnerabilities", "refsource": "FULLDISC", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2017/May/105" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680" }, { "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613" }, { "name": "https://wiki.opendaylight.org/view/Security_Advisories", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://wiki.opendaylight.org/view/Security_Advisories" }, { "name": "USN-3087-2", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-3087-2" }, { "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded" }, { "name": "openSUSE-SU-2017:0374", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html" }, { "name": "SUSE-SU-2016:2468", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" }, { "name": "USN-3087-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-3087-1" }, { "name": "openSUSE-SU-2016:2407", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" }, { "name": "USN-3194-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-3194-1" }, { "name": "USN-3179-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-3179-1" }, { "name": "USN-3198-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-3198-1" }, { "name": "20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities", "refsource": "FULLDISC", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2017/Jul/31" }, { "name": "openSUSE-SU-2016:2496", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403" }, { "name": "openSUSE-SU-2017:0513", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html" }, { "name": "SUSE-SU-2016:2387", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" }, { "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded" }, { "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded" }, { "name": "SUSE-SU-2017:0460", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215" }, { "name": "20161207 [security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded" }, { "name": "SUSE-SU-2016:2458", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" }, { "name": "20180510 [security bulletin] MFSBGN03805 - HP Service Manager, Remote Disclosure of Information", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded" }, { "name": "https://support.f5.com/csp/article/K13167034", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.f5.com/csp/article/K13167034" }, { "name": "42091", "refsource": "EXPLOIT-DB", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/42091/" }, { "name": "20170214 [security bulletin] HPESBGN03697 rev.1 - HPE Business Service Management (BSM), Remote Disclosure of Information", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849" }, { "name": "DSA-3673", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2016/dsa-3673" }, { "name": "SUSE-SU-2016:2394", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" }, { "name": "20170831 [security bulletin] HPESBGN03765 rev.2 - HPE LoadRunner and HPE Performance Center, Remote Disclosure of Information", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186" }, { "name": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html" }, { "name": "openSUSE-SU-2018:0458", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" }, { "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178" }, { "name": "openSUSE-SU-2016:2391", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" }, { "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197" }, { "name": "SUSE-SU-2017:1444", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html" }, { "name": "SUSE-SU-2017:2700", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448" }, { "name": "20170329 [security bulletin] HPESBUX03725 rev.1 - HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "refsource": "CONFIRM", "tags": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2023-02-12T23:17Z", "publishedDate": "2016-09-01T00:59Z" } } }
CVE-2016-2183
Vulnerability from jvndb
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000029.html", "dc:date": "2024-05-27T17:08+09:00", "dcterms:issued": "2023-03-31T15:54+09:00", "dcterms:modified": "2024-05-27T17:08+09:00", "description": "SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities listed below.\r\n\u003cul\u003e\r\n\u003cli\u003eExposure of sensitive information to an unauthorized actor (CWE-200) - CVE-2016-2183\r\n\u003cli\u003eCommand injection (CWE-77) - CVE-2022-36556\r\n\u003cli\u003eUnrestricted upload of file with dangerous type (CWE-434) - CVE-2022-36557\r\n\u003cli\u003eUse of hard-coded credentials (CWE-798) - CVE-2022-36558\r\n\u003cli\u003eCommand injection (CWE-77) - CVE-2022-36559\r\n\u003cli\u003eUse of hard-coded credentials (CWE-798) - CVE-2022-36560\r\n\u003cli\u003eImproper privilege management (CWE-269) - CVE-2023-22361\r\n\u003cli\u003eMissing authentication for critical function (CWE-306) - CVE-2023-22441\r\n\u003cli\u003eImproper access control (CWE-284) - CVE-2023-23578\r\n\u003cli\u003eImproper following of a certificate\u0027s chain of trust (CWE-296) - CVE-2023-23901\r\n\u003cli\u003eMissing authentication for critical function (CWE-306) - CVE-2023-23906\r\n\u003cli\u003eCleartext storage of sensitive information (CWE-312) - CVE-2023-24586\r\n\u003cli\u003eCleartext transmission of sensitive information (CWE-319) - CVE-2023-25070\r\n\u003cli\u003eUse of weak credentials (CWE-1391) - CVE-2023-25072\r\n\u003cli\u003eUse of weak credentials (CWE-1391) - CVE-2023-25184\r\n\u003c/ul\u003e\r\nThe developer states that attacks exploiting CVE-2022-36556 have been observed.\r\n\r\n\r\nCVE-2023-22441\r\nMASAHIRO IIDA of LAC Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.\r\n\r\nCVE-2016-2183, CVE-2022-36556, CVE-2022-36557, CVE-2022-36558, CVE-2022-36559, CVE-2022-36560, CVE-2023-22361, CVE-2023-23578, CVE-2023-23901, CVE-2023-23906, CVE-2023-24586, CVE-2023-25070, CVE-2023-25072, CVE-2023-25184\r\nThomas J. Knudsen and Samy Younsi of NeroTeam Security Labs reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.", "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000029.html", "sec:cpe": [ { "#text": "cpe:/o:seiko-sol:skybridge_basic_mb-a130_firmware", "@product": "SkyBridge BASIC MB-A130 firmware", "@vendor": "Seiko Solutions Inc.", "@version": "2.2" }, { "#text": "cpe:/o:seiko-sol:skybridge_mb-a100_firmware", "@product": "SkyBridge MB-A100 firmware", "@vendor": "Seiko Solutions Inc.", "@version": "2.2" }, { "#text": "cpe:/o:seiko-sol:skybridge_mb-a110_firmware", "@product": "SkyBridge MB-A110 firmware", "@vendor": "Seiko Solutions Inc.", "@version": "2.2" }, { "#text": "cpe:/o:seiko-sol:skybridge_mb-a200_firmware", "@product": "SkyBridge MB-A200 firmware", "@vendor": "Seiko Solutions Inc.", "@version": "2.2" }, { "#text": "cpe:/o:seiko-sol:skyspider_mb-r210_firmware", "@product": "SkySpider MB-R210 firmware", "@vendor": "Seiko Solutions Inc.", "@version": "2.2" } ], "sec:cvss": [ { "@score": "9.0", "@severity": "High", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "@version": "2.0" }, { "@score": "8.6", "@severity": "High", "@type": "Base", "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "@version": "3.0" } ], "sec:identifier": "JVNDB-2023-000029", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN40604023/index.html", "@id": "JVN#40604023", "@source": "JVN" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-22361", "@id": "CVE-2023-22361", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-22441", "@id": "CVE-2023-22441", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-23578", "@id": "CVE-2023-23578", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-23901", "@id": "CVE-2023-23901", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-23906", "@id": "CVE-2023-23906", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-24586", "@id": "CVE-2023-24586", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25070", "@id": "CVE-2023-25070", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25072", "@id": "CVE-2023-25072", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25184", "@id": "CVE-2023-25184", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "@id": "CVE-2016-2183", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2022-36556", "@id": "CVE-2022-36556", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2022-36557", "@id": "CVE-2022-36557", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2022-36558", "@id": "CVE-2022-36558", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2022-36559", "@id": "CVE-2022-36559", "@source": "CVE" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2022-36560", "@id": "CVE-2022-36560", "@source": "CVE" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "@id": "CVE-2016-2183", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-36556", "@id": "CVE-2022-36556", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-36557", "@id": "CVE-2022-36557", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-36558", "@id": "CVE-2022-36558", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-36559", "@id": "CVE-2022-36559", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-36560", "@id": "CVE-2022-36560", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22361", "@id": "CVE-2023-22361", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22441", "@id": "CVE-2023-22441", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-23578", "@id": "CVE-2023-23578", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-23901", "@id": "CVE-2023-23901", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-23906", "@id": "CVE-2023-23906", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-24586", "@id": "CVE-2023-24586", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25070", "@id": "CVE-2023-25070", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25072", "@id": "CVE-2023-25072", "@source": "NVD" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25184", "@id": "CVE-2023-25184", "@source": "NVD" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-200", "@title": "Information Exposure(CWE-200)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-264", "@title": "Permissions(CWE-264)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-287", "@title": "Improper Authentication(CWE-287)" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-Other", "@title": "No Mapping(CWE-Other)" } ], "title": "Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210" }
ghsa-w2rw-pv8p-h9c8
Vulnerability from github
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
{ "affected": [], "aliases": [ "CVE-2016-2183" ], "database_specific": { "cwe_ids": [ "CWE-200" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2016-09-01T00:59:00Z", "severity": "HIGH" }, "details": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack.", "id": "GHSA-w2rw-pv8p-h9c8", "modified": "2022-05-13T01:05:08Z", "published": "2022-05-13T01:05:08Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "type": "WEB", "url": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633" }, { "type": "WEB", "url": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue" }, { "type": "WEB", "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20170119-0001" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20160915-0001" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201707-01" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201701-65" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201612-16" }, { "type": "WEB", "url": "https://seclists.org/bugtraq/2018/Nov/21" }, { "type": "WEB", "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases" }, { "type": "WEB", "url": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10215" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10197" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10186" }, { "type": "WEB", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10171" }, { "type": "WEB", "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312" }, { "type": "WEB", "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2017-09" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2016-21" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2016-20" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2016-16" }, { "type": "WEB", "url": "https://www.sigsac.org/ccs/CCS2016/accepted-papers" }, { "type": "WEB", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "type": "WEB", "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32" }, { "type": "WEB", "url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish" }, { "type": "WEB", "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008" }, { "type": "WEB", "url": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html" }, { "type": "WEB", "url": "https://www.exploit-db.com/exploits/42091" }, { "type": "WEB", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "type": "WEB", "url": "https://wiki.opendaylight.org/view/Security_Advisories" }, { "type": "WEB", "url": "https://sweet32.info" }, { "type": "WEB", "url": "https://support.f5.com/csp/article/K13167034" }, { "type": "WEB", "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2021:0308" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2020:3842" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2020:0451" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:2859" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:1245" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:2123" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:1216" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:0462" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:0338" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:0337" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2017:0336" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHBA-2019:2581" }, { "type": "WEB", "url": "https://access.redhat.com/articles/2548661" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03725en_us" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03765en_us" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390849" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05390722" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05385680" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369415" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05369403" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05302448" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "type": "WEB", "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "type": "WEB", "url": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls" }, { "type": "WEB", "url": "https://access.redhat.com/security/cve/cve-2016-2183" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2021:2438" }, { "type": "WEB", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10759" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2017-0462.html" }, { "type": "WEB", "url": "http://seclists.org/fulldisclosure/2017/Jul/31" }, { "type": "WEB", "url": "http://seclists.org/fulldisclosure/2017/May/105" }, { "type": "WEB", "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697" }, { "type": "WEB", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482" }, { "type": "WEB", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "type": "WEB", "url": "http://www.debian.org/security/2016/dsa-3673" }, { "type": "WEB", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/92630" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/95568" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1036696" }, { "type": "WEB", "url": "http://www.splunk.com/view/SP-CAAAPSV" }, { "type": "WEB", "url": "http://www.splunk.com/view/SP-CAAAPUE" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-3087-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-3087-2" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-3179-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-3194-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-3198-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-3270-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-3372-1" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }
var-201609-0597
Vulnerability from variot
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. TLS (Transport Layer Security) is a set of protocols used to provide confidentiality and data integrity between two communication applications. SSH (full name Secure Shell) is a set of security protocols based on the application layer and transport layer developed by the Network Working Group of the Internet Engineering Task Force (IETF). IPSec (full name Internet Protocol Security) is a set of IP security protocols established by the IPSec group of the Internet Engineering Task Force (IETF). Both DES and Triple DES are encryption algorithms. There are information leakage vulnerabilities in the DES and Triple DES encryption algorithms used in the TLS, SSH, and IPSec protocols and other protocols and products. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: python security update Advisory ID: RHSA-2018:2123-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2123 Issue date: 2018-07-03 CVE Names: CVE-2016-2183 =====================================================================
- Summary:
An update for python is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x
- Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
- A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
Note: This update modifies the Python ssl module to disable 3DES cipher suites by default.
Red Hat would like to thank OpenVPN for reporting this issue. Upstream acknowledges Karthikeyan Bhargavan (Inria) and GaA<<tan Leurent (Inria) as the original reporters.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: python-2.7.5-69.el7_5.src.rpm
x86_64: python-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.i686.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-libs-2.7.5-69.el7_5.i686.rpm python-libs-2.7.5-69.el7_5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: python-debug-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-devel-2.7.5-69.el7_5.x86_64.rpm python-test-2.7.5-69.el7_5.x86_64.rpm python-tools-2.7.5-69.el7_5.x86_64.rpm tkinter-2.7.5-69.el7_5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: python-2.7.5-69.el7_5.src.rpm
x86_64: python-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.i686.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-devel-2.7.5-69.el7_5.x86_64.rpm python-libs-2.7.5-69.el7_5.i686.rpm python-libs-2.7.5-69.el7_5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: python-debug-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-test-2.7.5-69.el7_5.x86_64.rpm python-tools-2.7.5-69.el7_5.x86_64.rpm tkinter-2.7.5-69.el7_5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: python-2.7.5-69.el7_5.src.rpm
ppc64: python-2.7.5-69.el7_5.ppc64.rpm python-debuginfo-2.7.5-69.el7_5.ppc.rpm python-debuginfo-2.7.5-69.el7_5.ppc64.rpm python-devel-2.7.5-69.el7_5.ppc64.rpm python-libs-2.7.5-69.el7_5.ppc.rpm python-libs-2.7.5-69.el7_5.ppc64.rpm
ppc64le: python-2.7.5-69.el7_5.ppc64le.rpm python-debuginfo-2.7.5-69.el7_5.ppc64le.rpm python-devel-2.7.5-69.el7_5.ppc64le.rpm python-libs-2.7.5-69.el7_5.ppc64le.rpm
s390x: python-2.7.5-69.el7_5.s390x.rpm python-debuginfo-2.7.5-69.el7_5.s390.rpm python-debuginfo-2.7.5-69.el7_5.s390x.rpm python-devel-2.7.5-69.el7_5.s390x.rpm python-libs-2.7.5-69.el7_5.s390.rpm python-libs-2.7.5-69.el7_5.s390x.rpm
x86_64: python-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.i686.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-devel-2.7.5-69.el7_5.x86_64.rpm python-libs-2.7.5-69.el7_5.i686.rpm python-libs-2.7.5-69.el7_5.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: python-2.7.5-69.el7_5.src.rpm
aarch64: python-2.7.5-69.el7_5.aarch64.rpm python-debuginfo-2.7.5-69.el7_5.aarch64.rpm python-devel-2.7.5-69.el7_5.aarch64.rpm python-libs-2.7.5-69.el7_5.aarch64.rpm
ppc64le: python-2.7.5-69.el7_5.ppc64le.rpm python-debuginfo-2.7.5-69.el7_5.ppc64le.rpm python-devel-2.7.5-69.el7_5.ppc64le.rpm python-libs-2.7.5-69.el7_5.ppc64le.rpm
s390x: python-2.7.5-69.el7_5.s390x.rpm python-debuginfo-2.7.5-69.el7_5.s390.rpm python-debuginfo-2.7.5-69.el7_5.s390x.rpm python-devel-2.7.5-69.el7_5.s390x.rpm python-libs-2.7.5-69.el7_5.s390.rpm python-libs-2.7.5-69.el7_5.s390x.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: python-debug-2.7.5-69.el7_5.ppc64.rpm python-debuginfo-2.7.5-69.el7_5.ppc64.rpm python-test-2.7.5-69.el7_5.ppc64.rpm python-tools-2.7.5-69.el7_5.ppc64.rpm tkinter-2.7.5-69.el7_5.ppc64.rpm
ppc64le: python-debug-2.7.5-69.el7_5.ppc64le.rpm python-debuginfo-2.7.5-69.el7_5.ppc64le.rpm python-test-2.7.5-69.el7_5.ppc64le.rpm python-tools-2.7.5-69.el7_5.ppc64le.rpm tkinter-2.7.5-69.el7_5.ppc64le.rpm
s390x: python-debug-2.7.5-69.el7_5.s390x.rpm python-debuginfo-2.7.5-69.el7_5.s390x.rpm python-test-2.7.5-69.el7_5.s390x.rpm python-tools-2.7.5-69.el7_5.s390x.rpm tkinter-2.7.5-69.el7_5.s390x.rpm
x86_64: python-debug-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-test-2.7.5-69.el7_5.x86_64.rpm python-tools-2.7.5-69.el7_5.x86_64.rpm tkinter-2.7.5-69.el7_5.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64: python-debug-2.7.5-69.el7_5.aarch64.rpm python-debuginfo-2.7.5-69.el7_5.aarch64.rpm python-test-2.7.5-69.el7_5.aarch64.rpm python-tools-2.7.5-69.el7_5.aarch64.rpm tkinter-2.7.5-69.el7_5.aarch64.rpm
ppc64le: python-debug-2.7.5-69.el7_5.ppc64le.rpm python-debuginfo-2.7.5-69.el7_5.ppc64le.rpm python-test-2.7.5-69.el7_5.ppc64le.rpm python-tools-2.7.5-69.el7_5.ppc64le.rpm tkinter-2.7.5-69.el7_5.ppc64le.rpm
s390x: python-debug-2.7.5-69.el7_5.s390x.rpm python-debuginfo-2.7.5-69.el7_5.s390x.rpm python-test-2.7.5-69.el7_5.s390x.rpm python-tools-2.7.5-69.el7_5.s390x.rpm tkinter-2.7.5-69.el7_5.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: python-2.7.5-69.el7_5.src.rpm
x86_64: python-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.i686.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-devel-2.7.5-69.el7_5.x86_64.rpm python-libs-2.7.5-69.el7_5.i686.rpm python-libs-2.7.5-69.el7_5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: python-debug-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-test-2.7.5-69.el7_5.x86_64.rpm python-tools-2.7.5-69.el7_5.x86_64.rpm tkinter-2.7.5-69.el7_5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2183 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBWzuDSdzjgjWX9erEAQgETg/9HevQ3tUvI8plP6DSgN1Es+jArUKVGct5 cIlHbLXCGIcy1D2NAndEznF+6LSWo/Ynd2C5esSdD9R+KvJrmbNJ7s+XN4Uys4ea FyBlHvw56yuSiAcGvUCF+rjg2IaN9QCkH9oGKUNIHpfOdxNnHu3Yk8muNa5H2mXh v2yomcfl6voFIMxvxlVKO7ENkESH/vYYnXFS7S+pnBoEZb4/HTp000ASovjewroq xGBLDUKzTp9nOVWVWECA6La1o+nDi4wOZVDgF7Ks2kaYdAYSa3vkoAI1hN6XtZ3O T3Fv7iF1BqQt+B//tCeT3Fa5SsDulob3K5H2TqnMRlZSr0mst/89RePsbz2wFM+p 1wcklX9gVBI66y5XPfst/sNyLgWMkYgvUsYJTJHeYT0vAN+N54lcwjK1vxKCMFso 2ltd63+E5ql26E1pp//cAqAo7JhWqsaqNV8uY4oKzAHRRfQ9kdz/yq2DfA8aswDL 8nb1rjQ2tIRL/GtWL9ofhKey136qePvF5IwqF+jlO+N7wpG685KZF9zarNZqODxo p93VTJQ6+J0oXktvyJ8RS1XqkFvznocfEThgrhdmsWW4G6bjA2GyAoTWpDy3NUUv 6TxyeUjc6NvKb7t6wgrRuSBKkSRCaln+aBSakq012A50PNssvx7hNzVVl9zBgOv1 6NvSNmqGIdM= =AUgF -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution:
Before applying this update, ensure all previously released errata relevant to your system is applied. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05369415
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05369415 Version: 1
HPSBGN03690 rev.1 - HPE Real User Monitor (RUM), Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-01-18 Last Updated: 2017-01-18
Potential Security Impact: Remote: Disclosure of Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY A security vulnerability in DES/3DES block ciphers used in the TLS protocol, could potentially impact HPE Real User Monitor (RUM) resulting in remote disclosure of information also known as the SWEET32 attack.
References:
- CVE-2016-2183 - SWEET32
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP Real User Monitor Software Series v9.2x, v9.30
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2183
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has provided the following mitigation information to resolve the vulnerability for impacted versions of HPE Real User Monitor (RUM):
HISTORY Version:1 (rev.1) - 18 January 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. ========================================================================== Ubuntu Security Notice USN-3087-1 September 22, 2016
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. (CVE-2016-6304)
Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)
Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2179)
Shi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. (CVE-2016-2180)
It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. (CVE-2016-2181)
Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182)
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. This update moves DES from the HIGH cipher list to MEDIUM. (CVE-2016-2183)
Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6302)
Shi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. (CVE-2016-6303)
Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.4
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.20
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.37
After a standard system update you need to reboot your computer to make all the necessary changes. This update causes NSS to limit use of the same symmetric key. (CVE-2017-5461)
This update refreshes the NSS package to version 3.28.4 which includes the latest CA certificate bundle. After a standard system update you need to restart any applications that use NSS, such as Evolution and Chromium, to make all the necessary changes. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.16. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2021:0309
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.16-x86_64
The image digest is sha256:3e855ad88f46ad1b7f56c312f078ca6adaba623c5d4b360143f9f82d2f349741
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.16-s390x
The image digest is sha256:2335685cda334ecf9e12c056b148c483fb81412fbfc96c885dc669d775e1f1ee
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.6.16-ppc64le
The image digest is sha256:953ccacf79467b3e8ebfb8def92013f1574d75e24b3ea9a455aa8931f7f17b88
All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor.
Security Fix(es):
-
SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)
-
openshift/builder: privilege escalation during container image builds via mounted secrets (CVE-2021-3344)
-
openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250 (CVE-2021-20198)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
1873004 - [downstream] Should indicate the version info instead of the commit info
1887759 - [release 4.6] Gather MachineConfigPools
1889676 - [release 4.6] Gather top installplans and their count
1889865 - operator-registry image needs clean up in /tmp
1890274 - [4.6] External IP doesn't work if the IP address is not assigned to a node
1890452 - Adding BYOK disk encryption through DES
1891697 - Handle missing labels as empty.
1891892 - The windows oc.exe binary does not have version metadata
1893409 - [release-4.6] MCDPivotError alert/metric missing
1893738 - Examining agones helm chart resources results in "Oh no!"
1894916 - [4.6] Panic output due to timeouts in openshift-apiserver
1896919 - start creating new-style Secrets for AWS
1898672 - Pod gets stuck in ContainerCreating state with exhausted Whereabouts IPAM range with a daemonset
1899107 - [4.6] ironic-api used by metal3 is over provisioned and consumes a lot of RAM
1899535 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster
1901602 - Extra reboot during 4.5 -> 4.6 upgrade
1901605 - CNO blocks editing Kuryr options
1903649 - Automated cleaning is disabled by default
1903887 - dns daemonset rolls out slowly in large clusters
1904091 - Missing registry v1 protocol usage metric on telemetry
1904577 - [4.6] Local storage operator doesn't include correctly populate LocalVolumeDiscoveryResult in console
1905031 - (release-4.6) Collect spec config for clusteroperator resources
1905195 - [release-4.6] Detecting broken connections to the Kube API takes up to 15 minutes
1905573 - [4.6] Changing the bound token service account issuer invalids previously issued bound tokens
1905788 - Role name missing on create role binding form
1906332 - update discovery burst to reflect lots of CRDs on openshift clusters
1906741 - KeyError: 'nodeName' on NP deletion
1906796 - [SA] verify-image-signature using service account does not work
1907827 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber
1907830 - "Evaluating rule failed" for "record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum" and "record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum"
1909673 - scale up / down buttons available on pod details side panel
1912388 - [OVN]: make check
broken on 4.6
1912430 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap
1913109 - oc debug of an init container no longer works
1913645 - Improved Red Hat image and crashlooping OpenShift pod collection
1915560 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing
1916096 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable.
1916100 - [oVirt] Consume 23-10 ovirt sdk - csi operator
1916347 - Updating scheduling component builder & base images to be consistent with ART
1916857 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change
1916907 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use
1917240 - [4.6] Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service
1917498 - Regression OLM uses scoped client for CRD installation
1917547 - oc adm catalog mirror does not mirror the index image itself
1917548 - [4.6] Cannot filter the platform/arch of the index image
1917549 - Failed to mirror operator catalog - error: destination registry required
1917550 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option
1917609 - [4.6z] Deleting an exgw causes pods to no longer route to other exgws
1918194 - with sharded ingresscontrollers, all shards reload when any endpoint changes
1918202 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks)
1918525 - OLM enters infinite loop if Pending CSV replaces itself
1918779 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state
1918792 - [BUG] Thanos having possible memory leak consuming huge amounts of node's memory and killing them
1918961 - [IPI on vsphere] Executing 'openshift-installer destroy cluster' leaves installer tag categories in vsphere
1920764 - CVE-2021-20198 openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250
1920873 - Failure to upgrade operator when a Service is included in a Bundle
1920995 - kuryr-cni pods using unreasonable amount of CPU
1921450 - CVE-2021-3344 openshift/builder: privilege escalation during container image builds via mounted secrets
1921473 - test-cmd is failing on volumes.sh pretty consistently
1921599 - OCP 4.5 to 4.6 upgrade for "aws-ebs-csi-driver-operator" fails when "defaultNodeSelector" is set
-
OpenSSL Security Advisory [22 Sep 2016]
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Severity: High
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201609-0597", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1q" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1m" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "6.7.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1i" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "4.1.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1b" }, { "model": "jboss enterprise web server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0.0" }, { "model": "content security management appliance", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.7.0-006" }, { "model": "content security management appliance", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.6.6-068" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2h" }, { "model": "python", "scope": "gte", "trust": 1.0, "vendor": "python", "version": "3.5.0" }, { "model": "database", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.1.0.2" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "6.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1r" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1p" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1a" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "0.10.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1o" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1n" }, { "model": "python", "scope": "gte", "trust": 1.0, "vendor": "python", "version": "2.7.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2d" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "0.12.16" }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "4.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2f" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "4.2.0" }, { "model": "jboss web server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0" }, { "model": "jboss enterprise web server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "1.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1e" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "4.6.0" }, { "model": "python", "scope": "lt", "trust": 1.0, "vendor": "python", "version": "2.7.13" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1t" }, { "model": "python", "scope": "gte", "trust": 1.0, "vendor": "python", "version": "3.4.0" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "0.10.47" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.2b" }, { "model": "python", "scope": "lt", "trust": 1.0, "vendor": "python", "version": "3.5.3" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "0.12.0" }, { "model": "database", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "11.2.0.4" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "python", "scope": "lt", "trust": 1.0, "vendor": "python", "version": "3.4.7" } ], "sources": [ { "db": "NVD", "id": "CVE-2016-2183" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_web_server:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.4.7", "versionStartIncluding": "3.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.5.3", "versionStartIncluding": "3.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.13", "versionStartIncluding": "2.7.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_appliance:9.7.0-006:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_appliance:9.6.6-068:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndExcluding": "6.7.0", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndExcluding": "4.1.2", "versionStartIncluding": "4.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "cpe_name": [], "versionEndExcluding": "4.6.0", "versionStartIncluding": "4.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.12.16", "versionStartIncluding": "0.12.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.10.47", "versionStartIncluding": "0.10.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2016-2183" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "148410" }, { "db": "PACKETSTORM", "id": "159431" }, { "db": "PACKETSTORM", "id": "156451" }, { "db": "PACKETSTORM", "id": "161320" } ], "trust": 0.4 }, "cve": "CVE-2016-2183", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-91002", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2016-2183", "trust": 1.0, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-91002", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-91002" }, { "db": "NVD", "id": "CVE-2016-2183" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a \"Sweet32\" attack. TLS (Transport Layer Security) is a set of protocols used to provide confidentiality and data integrity between two communication applications. SSH (full name Secure Shell) is a set of security protocols based on the application layer and transport layer developed by the Network Working Group of the Internet Engineering Task Force (IETF). IPSec (full name Internet Protocol Security) is a set of IP security protocols established by the IPSec group of the Internet Engineering Task Force (IETF). Both DES and Triple DES are encryption algorithms. There are information leakage vulnerabilities in the DES and Triple DES encryption algorithms used in the TLS, SSH, and IPSec protocols and other protocols and products. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: python security update\nAdvisory ID: RHSA-2018:2123-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:2123\nIssue date: 2018-07-03\nCVE Names: CVE-2016-2183 \n=====================================================================\n\n1. Summary:\n\nAn update for python is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x\n\n3. Description:\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage, which includes modules, classes, exceptions, very high level\ndynamic data types and dynamic typing. Python supports interfaces to many\nsystem calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the\nTLS/SSL protocol. A man-in-the-middle attacker could use this flaw to\nrecover some plaintext data by capturing large amounts of encrypted traffic\nbetween TLS/SSL server and client if the communication used a DES/3DES\nbased ciphersuite. (CVE-2016-2183)\n\nNote: This update modifies the Python ssl module to disable 3DES cipher\nsuites by default. \n\nRed Hat would like to thank OpenVPN for reporting this issue. Upstream\nacknowledges Karthikeyan Bhargavan (Inria) and GaA\u003c\u003ctan Leurent (Inria) as\nthe original reporters. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\npython-2.7.5-69.el7_5.src.rpm\n\nx86_64:\npython-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.i686.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-libs-2.7.5-69.el7_5.i686.rpm\npython-libs-2.7.5-69.el7_5.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\npython-debug-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-devel-2.7.5-69.el7_5.x86_64.rpm\npython-test-2.7.5-69.el7_5.x86_64.rpm\npython-tools-2.7.5-69.el7_5.x86_64.rpm\ntkinter-2.7.5-69.el7_5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\npython-2.7.5-69.el7_5.src.rpm\n\nx86_64:\npython-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.i686.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-devel-2.7.5-69.el7_5.x86_64.rpm\npython-libs-2.7.5-69.el7_5.i686.rpm\npython-libs-2.7.5-69.el7_5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\npython-debug-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-test-2.7.5-69.el7_5.x86_64.rpm\npython-tools-2.7.5-69.el7_5.x86_64.rpm\ntkinter-2.7.5-69.el7_5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\npython-2.7.5-69.el7_5.src.rpm\n\nppc64:\npython-2.7.5-69.el7_5.ppc64.rpm\npython-debuginfo-2.7.5-69.el7_5.ppc.rpm\npython-debuginfo-2.7.5-69.el7_5.ppc64.rpm\npython-devel-2.7.5-69.el7_5.ppc64.rpm\npython-libs-2.7.5-69.el7_5.ppc.rpm\npython-libs-2.7.5-69.el7_5.ppc64.rpm\n\nppc64le:\npython-2.7.5-69.el7_5.ppc64le.rpm\npython-debuginfo-2.7.5-69.el7_5.ppc64le.rpm\npython-devel-2.7.5-69.el7_5.ppc64le.rpm\npython-libs-2.7.5-69.el7_5.ppc64le.rpm\n\ns390x:\npython-2.7.5-69.el7_5.s390x.rpm\npython-debuginfo-2.7.5-69.el7_5.s390.rpm\npython-debuginfo-2.7.5-69.el7_5.s390x.rpm\npython-devel-2.7.5-69.el7_5.s390x.rpm\npython-libs-2.7.5-69.el7_5.s390.rpm\npython-libs-2.7.5-69.el7_5.s390x.rpm\n\nx86_64:\npython-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.i686.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-devel-2.7.5-69.el7_5.x86_64.rpm\npython-libs-2.7.5-69.el7_5.i686.rpm\npython-libs-2.7.5-69.el7_5.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nSource:\npython-2.7.5-69.el7_5.src.rpm\n\naarch64:\npython-2.7.5-69.el7_5.aarch64.rpm\npython-debuginfo-2.7.5-69.el7_5.aarch64.rpm\npython-devel-2.7.5-69.el7_5.aarch64.rpm\npython-libs-2.7.5-69.el7_5.aarch64.rpm\n\nppc64le:\npython-2.7.5-69.el7_5.ppc64le.rpm\npython-debuginfo-2.7.5-69.el7_5.ppc64le.rpm\npython-devel-2.7.5-69.el7_5.ppc64le.rpm\npython-libs-2.7.5-69.el7_5.ppc64le.rpm\n\ns390x:\npython-2.7.5-69.el7_5.s390x.rpm\npython-debuginfo-2.7.5-69.el7_5.s390.rpm\npython-debuginfo-2.7.5-69.el7_5.s390x.rpm\npython-devel-2.7.5-69.el7_5.s390x.rpm\npython-libs-2.7.5-69.el7_5.s390.rpm\npython-libs-2.7.5-69.el7_5.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\npython-debug-2.7.5-69.el7_5.ppc64.rpm\npython-debuginfo-2.7.5-69.el7_5.ppc64.rpm\npython-test-2.7.5-69.el7_5.ppc64.rpm\npython-tools-2.7.5-69.el7_5.ppc64.rpm\ntkinter-2.7.5-69.el7_5.ppc64.rpm\n\nppc64le:\npython-debug-2.7.5-69.el7_5.ppc64le.rpm\npython-debuginfo-2.7.5-69.el7_5.ppc64le.rpm\npython-test-2.7.5-69.el7_5.ppc64le.rpm\npython-tools-2.7.5-69.el7_5.ppc64le.rpm\ntkinter-2.7.5-69.el7_5.ppc64le.rpm\n\ns390x:\npython-debug-2.7.5-69.el7_5.s390x.rpm\npython-debuginfo-2.7.5-69.el7_5.s390x.rpm\npython-test-2.7.5-69.el7_5.s390x.rpm\npython-tools-2.7.5-69.el7_5.s390x.rpm\ntkinter-2.7.5-69.el7_5.s390x.rpm\n\nx86_64:\npython-debug-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-test-2.7.5-69.el7_5.x86_64.rpm\npython-tools-2.7.5-69.el7_5.x86_64.rpm\ntkinter-2.7.5-69.el7_5.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):\n\naarch64:\npython-debug-2.7.5-69.el7_5.aarch64.rpm\npython-debuginfo-2.7.5-69.el7_5.aarch64.rpm\npython-test-2.7.5-69.el7_5.aarch64.rpm\npython-tools-2.7.5-69.el7_5.aarch64.rpm\ntkinter-2.7.5-69.el7_5.aarch64.rpm\n\nppc64le:\npython-debug-2.7.5-69.el7_5.ppc64le.rpm\npython-debuginfo-2.7.5-69.el7_5.ppc64le.rpm\npython-test-2.7.5-69.el7_5.ppc64le.rpm\npython-tools-2.7.5-69.el7_5.ppc64le.rpm\ntkinter-2.7.5-69.el7_5.ppc64le.rpm\n\ns390x:\npython-debug-2.7.5-69.el7_5.s390x.rpm\npython-debuginfo-2.7.5-69.el7_5.s390x.rpm\npython-test-2.7.5-69.el7_5.s390x.rpm\npython-tools-2.7.5-69.el7_5.s390x.rpm\ntkinter-2.7.5-69.el7_5.s390x.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\npython-2.7.5-69.el7_5.src.rpm\n\nx86_64:\npython-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.i686.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-devel-2.7.5-69.el7_5.x86_64.rpm\npython-libs-2.7.5-69.el7_5.i686.rpm\npython-libs-2.7.5-69.el7_5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\npython-debug-2.7.5-69.el7_5.x86_64.rpm\npython-debuginfo-2.7.5-69.el7_5.x86_64.rpm\npython-test-2.7.5-69.el7_5.x86_64.rpm\npython-tools-2.7.5-69.el7_5.x86_64.rpm\ntkinter-2.7.5-69.el7_5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2183\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBWzuDSdzjgjWX9erEAQgETg/9HevQ3tUvI8plP6DSgN1Es+jArUKVGct5\ncIlHbLXCGIcy1D2NAndEznF+6LSWo/Ynd2C5esSdD9R+KvJrmbNJ7s+XN4Uys4ea\nFyBlHvw56yuSiAcGvUCF+rjg2IaN9QCkH9oGKUNIHpfOdxNnHu3Yk8muNa5H2mXh\nv2yomcfl6voFIMxvxlVKO7ENkESH/vYYnXFS7S+pnBoEZb4/HTp000ASovjewroq\nxGBLDUKzTp9nOVWVWECA6La1o+nDi4wOZVDgF7Ks2kaYdAYSa3vkoAI1hN6XtZ3O\nT3Fv7iF1BqQt+B//tCeT3Fa5SsDulob3K5H2TqnMRlZSr0mst/89RePsbz2wFM+p\n1wcklX9gVBI66y5XPfst/sNyLgWMkYgvUsYJTJHeYT0vAN+N54lcwjK1vxKCMFso\n2ltd63+E5ql26E1pp//cAqAo7JhWqsaqNV8uY4oKzAHRRfQ9kdz/yq2DfA8aswDL\n8nb1rjQ2tIRL/GtWL9ofhKey136qePvF5IwqF+jlO+N7wpG685KZF9zarNZqODxo\np93VTJQ6+J0oXktvyJ8RS1XqkFvznocfEThgrhdmsWW4G6bjA2GyAoTWpDy3NUUv\n6TxyeUjc6NvKb7t6wgrRuSBKkSRCaln+aBSakq012A50PNssvx7hNzVVl9zBgOv1\n6NvSNmqGIdM=\n=AUgF\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nBefore applying this update, ensure all previously released errata relevant\nto your system is applied. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05369415\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05369415\nVersion: 1\n\nHPSBGN03690 rev.1 - HPE Real User Monitor (RUM), Remote Disclosure of\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-01-18\nLast Updated: 2017-01-18\n\nPotential Security Impact: Remote: Disclosure of Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA security vulnerability in DES/3DES block ciphers used in the TLS protocol,\ncould potentially impact HPE Real User Monitor (RUM) resulting in remote\ndisclosure of information also known as the SWEET32 attack. \n\nReferences:\n\n - CVE-2016-2183 - SWEET32\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP Real User Monitor Software Series v9.2x, v9.30\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2183\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has provided the following mitigation information to resolve the\nvulnerability for impacted versions of HPE Real User Monitor (RUM): \n\n *\n\u003chttps://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets\narch/document/KM02683527\u003e\n\nHISTORY\nVersion:1 (rev.1) - 18 January 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. ==========================================================================\nUbuntu Security Notice USN-3087-1\nSeptember 22, 2016\n\nopenssl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nShi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request\nextension. (CVE-2016-6304)\n\nGuido Vranken discovered that OpenSSL used undefined behaviour when\nperforming pointer arithmetic. This\nissue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime\nof queue entries in the DTLS implementation. (CVE-2016-2179)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the\nTS_OBJ_print_bio() function. (CVE-2016-2180)\n\nIt was discovered that the OpenSSL incorrectly handled the DTLS anti-replay\nfeature. (CVE-2016-2181)\n\nShi Lei discovered that OpenSSL incorrectly validated division results. \n(CVE-2016-2182)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\nciphers were vulnerable to birthday attacks. This update moves DES from the HIGH cipher list to MEDIUM. \n(CVE-2016-2183)\n\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. \n(CVE-2016-6302)\n\nShi Lei discovered that OpenSSL incorrectly handled memory in the\nMDC2_Update() function. (CVE-2016-6303)\n\nShi Lei discovered that OpenSSL incorrectly performed certain message\nlength checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.4\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.20\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.37\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. This update causes NSS to limit use of the same symmetric key. (CVE-2017-5461)\n\nThis update refreshes the NSS package to version 3.28.4 which includes\nthe latest CA certificate bundle. After a standard system update you need to restart any applications\nthat use NSS, such as Evolution and Chromium, to make all the necessary\nchanges. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.6.16. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHBA-2021:0309\n\nSpace precludes documenting all of the container images in this advisory. \nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel\nease-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.16-x86_64\n\nThe image digest is\nsha256:3e855ad88f46ad1b7f56c312f078ca6adaba623c5d4b360143f9f82d2f349741\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.16-s390x\n\nThe image digest is\nsha256:2335685cda334ecf9e12c056b148c483fb81412fbfc96c885dc669d775e1f1ee\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.16-ppc64le\n\nThe image digest is\nsha256:953ccacf79467b3e8ebfb8def92013f1574d75e24b3ea9a455aa8931f7f17b88\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor. \n\nSecurity Fix(es):\n\n* SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n(CVE-2016-2183)\n\n* openshift/builder: privilege escalation during container image builds via\nmounted secrets (CVE-2021-3344)\n\n* openshift/installer: Bootstrap nodes allow anonymous authentication on\nkubelet port 10250 (CVE-2021-20198)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Solution:\n\nFor OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):\n\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1873004 - [downstream] Should indicate the version info instead of the commit info\n1887759 - [release 4.6] Gather MachineConfigPools\n1889676 - [release 4.6] Gather top installplans and their count\n1889865 - operator-registry image needs clean up in /tmp\n1890274 - [4.6] External IP doesn\u0027t work if the IP address is not assigned to a node\n1890452 - Adding BYOK disk encryption through DES\n1891697 - Handle missing labels as empty. \n1891892 - The windows oc.exe binary does not have version metadata\n1893409 - [release-4.6] MCDPivotError alert/metric missing\n1893738 - Examining agones helm chart resources results in \"Oh no!\"\n1894916 - [4.6] Panic output due to timeouts in openshift-apiserver\n1896919 - start creating new-style Secrets for AWS\n1898672 - Pod gets stuck in ContainerCreating state with exhausted Whereabouts IPAM range with a daemonset\n1899107 - [4.6] ironic-api used by metal3 is over provisioned and consumes a lot of RAM\n1899535 - ds/machine-config-daemon takes 100+ minutes to rollout on 250 node cluster\n1901602 - Extra reboot during 4.5 -\u003e 4.6 upgrade\n1901605 - CNO blocks editing Kuryr options\n1903649 - Automated cleaning is disabled by default\n1903887 - dns daemonset rolls out slowly in large clusters\n1904091 - Missing registry v1 protocol usage metric on telemetry\n1904577 - [4.6] Local storage operator doesn\u0027t include correctly populate LocalVolumeDiscoveryResult in console\n1905031 - (release-4.6) Collect spec config for clusteroperator resources\n1905195 - [release-4.6] Detecting broken connections to the Kube API takes up to 15 minutes\n1905573 - [4.6] Changing the bound token service account issuer invalids previously issued bound tokens\n1905788 - Role name missing on create role binding form\n1906332 - update discovery burst to reflect lots of CRDs on openshift clusters\n1906741 - KeyError: \u0027nodeName\u0027 on NP deletion\n1906796 - [SA] verify-image-signature using service account does not work\n1907827 - Kn resources are not showing in Topology if triggers has KSVC and IMC as subscriber\n1907830 - \"Evaluating rule failed\" for \"record: cluster:kube_persistentvolumeclaim_resource_requests_storage_bytes:provisioner:sum\" and \"record: cluster:kubelet_volume_stats_used_bytes:provisioner:sum\"\n1909673 - scale up / down buttons available on pod details side panel\n1912388 - [OVN]: `make check` broken on 4.6\n1912430 - thanosRuler.resources.requests does not take effect in user-workload-monitoring-config confimap\n1913109 - oc debug of an init container no longer works\n1913645 - Improved Red Hat image and crashlooping OpenShift pod collection\n1915560 - OCP 4.4.9: EtcdMemberIPMigratorDegraded: rpc error: code = Canceled desc = grpc: the client connection is closing\n1916096 - [oVirt] csi operator panics if ovirt-engine suddenly becomes unavailable. \n1916100 - [oVirt] Consume 23-10 ovirt sdk - csi operator\n1916347 - Updating scheduling component builder \u0026 base images to be consistent with ART\n1916857 - configs.imageregistry.operator.openshift.io cluster does not update its status fields after URL change\n1916907 - dns-node-resolver corrupts /etc/hosts if internal registry is not in use\n1917240 - [4.6] Network Policies are not working as expected with OVN-Kubernetes when traffic hairpins back to the same source through a service\n1917498 - Regression OLM uses scoped client for CRD installation\n1917547 - oc adm catalog mirror does not mirror the index image itself\n1917548 - [4.6] Cannot filter the platform/arch of the index image\n1917549 - Failed to mirror operator catalog - error: destination registry required\n1917550 - oc adm catalog mirror command attempts to pull from registry.redhat.io when using --from-dir option\n1917609 - [4.6z] Deleting an exgw causes pods to no longer route to other exgws\n1918194 - with sharded ingresscontrollers, all shards reload when any endpoint changes\n1918202 - Grafana - The resulting dataset is too large to graph (OCS RBD volumes being counted as disks)\n1918525 - OLM enters infinite loop if Pending CSV replaces itself\n1918779 - [Negative Test] After deleting metal3 pod, scaling worker stuck on provisioning state\n1918792 - [BUG] Thanos having possible memory leak consuming huge amounts of node\u0027s memory and killing them\n1918961 - [IPI on vsphere] Executing \u0027openshift-installer destroy cluster\u0027 leaves installer tag categories in vsphere\n1920764 - CVE-2021-20198 openshift/installer: Bootstrap nodes allow anonymous authentication on kubelet port 10250\n1920873 - Failure to upgrade operator when a Service is included in a Bundle\n1920995 - kuryr-cni pods using unreasonable amount of CPU\n1921450 - CVE-2021-3344 openshift/builder: privilege escalation during container image builds via mounted secrets\n1921473 - test-cmd is failing on volumes.sh pretty consistently\n1921599 - OCP 4.5 to 4.6 upgrade for \"aws-ebs-csi-driver-operator\" fails when \"defaultNodeSelector\" is set\n\n5. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n", "sources": [ { "db": "NVD", "id": "CVE-2016-2183" }, { "db": "VULHUB", "id": "VHN-91002" }, { "db": "PACKETSTORM", "id": "148410" }, { "db": "PACKETSTORM", "id": "159431" }, { "db": "PACKETSTORM", "id": "156451" }, { "db": "PACKETSTORM", "id": "140708" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "142340" }, { "db": "PACKETSTORM", "id": "161320" }, { "db": "PACKETSTORM", "id": "169633" } ], "trust": 1.71 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-91002", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-91002" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-2183", "trust": 1.9 }, { "db": "PACKETSTORM", "id": "142756", "trust": 1.1 }, { "db": "ICS CERT", "id": "ICSMA-18-058-02", "trust": 1.1 }, { "db": "SECTRACK", "id": "1036696", "trust": 1.1 }, { "db": "PULSESECURE", "id": "SA40312", "trust": 1.1 }, { "db": "BID", "id": "92630", "trust": 1.1 }, { "db": "BID", "id": "95568", "trust": 1.1 }, { "db": "TENABLE", "id": "TNS-2017-09", "trust": 1.1 }, { "db": "TENABLE", "id": "TNS-2016-21", "trust": 1.1 }, { "db": "TENABLE", "id": "TNS-2016-20", "trust": 1.1 }, { "db": "TENABLE", "id": "TNS-2016-16", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10197", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10310", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10186", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10215", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10171", "trust": 1.1 }, { "db": "SIEMENS", "id": "SSA-412672", "trust": 1.1 }, { "db": "JUNIPER", "id": "JSA10759", "trust": 1.1 }, { "db": "EXPLOIT-DB", "id": "42091", "trust": 1.1 }, { "db": "PACKETSTORM", "id": "161320", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "148410", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "140708", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "142340", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "156451", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "159431", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "141352", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "143970", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "150303", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140718", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "143244", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "141100", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140473", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "141111", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "141354", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "144865", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "143549", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "141555", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140725", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "144869", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "145017", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140084", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "147581", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "152978", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140977", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154650", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "145018", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "141353", "trust": 0.1 }, { "db": "CNNVD", "id": "CNNVD-201608-448", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-91002", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "138820", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "169633", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-91002" }, { "db": "PACKETSTORM", "id": "148410" }, { "db": "PACKETSTORM", "id": "159431" }, { "db": "PACKETSTORM", "id": "156451" }, { "db": "PACKETSTORM", "id": "140708" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "142340" }, { "db": "PACKETSTORM", "id": "161320" }, { "db": "PACKETSTORM", "id": "169633" }, { "db": "NVD", "id": "CVE-2016-2183" } ] }, "id": "VAR-201609-0597", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-91002" } ], "trust": 0.01 }, "last_update_date": "2024-07-23T20:50:53.381000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-91002" }, { "db": "NVD", "id": "CVE-2016-2183" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.5, "url": "https://access.redhat.com/security/cve/cve-2016-2183" }, { "trust": 1.4, "url": "https://access.redhat.com/articles/2548661" }, { "trust": 1.2, "url": "https://access.redhat.com/errata/rhsa-2018:2123" }, { "trust": 1.2, "url": "https://access.redhat.com/errata/rhsa-2020:0451" }, { "trust": 1.2, "url": "http://www.ubuntu.com/usn/usn-3087-1" }, { "trust": 1.2, "url": "http://www.ubuntu.com/usn/usn-3270-1" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1036696" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/539885/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/540341/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded" }, { "trust": 1.1, "url": "http://seclists.org/fulldisclosure/2017/may/105" }, { "trust": 1.1, "url": "http://seclists.org/fulldisclosure/2017/jul/31" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/541104/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/542005/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded" }, { "trust": 1.1, "url": "https://seclists.org/bugtraq/2018/nov/21" }, { "trust": 1.1, "url": "https://www.exploit-db.com/exploits/42091/" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/92630" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/95568" }, { "trust": 1.1, "url": "http://www.debian.org/security/2016/dsa-3673" }, { "trust": 1.1, "url": "https://security.gentoo.org/glsa/201612-16" }, { "trust": 1.1, "url": "https://security.gentoo.org/glsa/201701-65" }, { "trust": 1.1, "url": "https://security.gentoo.org/glsa/201707-01" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2017-0336.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2017-0337.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2017-0338.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2017-0462.html" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:1216" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:2708" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:2709" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:2710" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:3113" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:3114" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:3239" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2017:3240" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2019:1245" }, { "trust": 1.1, "url": "https://access.redhat.com/errata/rhsa-2019:2859" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html" }, { "trust": 1.1, "url": "http://www.ubuntu.com/usn/usn-3087-2" }, { "trust": 1.1, "url": "http://www.ubuntu.com/usn/usn-3179-1" }, { "trust": 1.1, "url": "http://www.ubuntu.com/usn/usn-3194-1" }, { "trust": 1.1, "url": "http://www.ubuntu.com/usn/usn-3198-1" }, { "trust": 1.1, "url": "http://www.ubuntu.com/usn/usn-3372-1" }, { "trust": 1.1, "url": "https://www.ietf.org/mail-archive/web/tls/current/msg04560.html" }, { "trust": 1.1, "url": "http://packetstormsecurity.com/files/142756/ibm-informix-dynamic-server-dll-injection-code-execution.html" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021697" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991482" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" }, { "trust": 1.1, "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" }, { "trust": 1.1, "url": "http://www.splunk.com/view/sp-caaapsv" }, { "trust": 1.1, "url": "http://www.splunk.com/view/sp-caaapue" }, { "trust": 1.1, "url": "https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/" }, { "trust": 1.1, "url": "https://bto.bluecoat.com/security-advisory/sa133" }, { "trust": 1.1, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" }, { "trust": 1.1, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf" }, { "trust": 1.1, "url": "https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05309984" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05323116" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05349499" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05356388" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05369403" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05369415" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05385680" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390849" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-058-02" }, { "trust": 1.1, "url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312" }, { "trust": 1.1, "url": "https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/" }, { "trust": 1.1, "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" }, { "trust": 1.1, "url": "https://security.netapp.com/advisory/ntap-20160915-0001/" }, { "trust": 1.1, "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" }, { "trust": 1.1, "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/km03158613" }, { "trust": 1.1, "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/km03286178" }, { "trust": 1.1, "url": "https://support.f5.com/csp/article/k13167034" }, { "trust": 1.1, "url": "https://sweet32.info/" }, { "trust": 1.1, "url": "https://wiki.opendaylight.org/view/security_advisories" }, { "trust": 1.1, "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24" }, { "trust": 1.1, "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008" }, { "trust": 1.1, "url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/" }, { "trust": 1.1, "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/" }, { "trust": 1.1, "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "trust": 1.1, "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "trust": 1.1, "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "trust": 1.1, "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "trust": 1.1, "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "trust": 1.1, "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "trust": 1.1, "url": "https://www.sigsac.org/ccs/ccs2016/accepted-papers/" }, { "trust": 1.1, "url": "https://www.tenable.com/security/tns-2016-16" }, { "trust": 1.1, "url": "https://www.tenable.com/security/tns-2016-20" }, { "trust": 1.1, "url": "https://www.tenable.com/security/tns-2016-21" }, { "trust": 1.1, "url": "https://www.tenable.com/security/tns-2017-09" }, { "trust": 1.1, "url": "https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html" }, { "trust": 1.0, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05369403" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05369415" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05385680" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05390722" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05390849" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03765en_us" }, { "trust": 1.0, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbux03725en_us" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10171" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10186" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10197" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10310" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183" }, { "trust": 0.4, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.4, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180" }, { "trust": 0.1, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10759" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-c05302448" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-c05369403" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-c05369415" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-c05385680" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-c05390722" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-c05390849" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbgn03765en_us" }, { "trust": 0.1, "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbux03725en_us" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10171" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10186" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10197" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10215" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10310" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2020:3842" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.5/updating/updating-cluster" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-13734" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13734" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258." }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_r" }, { "trust": 0.1, "url": "https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05369415" }, { "trust": 0.1, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.1, "url": "https://www.hpe.com/info/report-security-vulnerability" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499" }, { "trust": 0.1, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.17.04.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.14.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5461" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.10.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8011" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:0308" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3344" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhba-2021:0309" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-8011" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.6/updating/updating-cluster" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-14382" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-20198" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-20198" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3344" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14382" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308" }, { "trust": 0.1, "url": "https://www.openssl.org/news/secadv/20160922.txt" }, { "trust": 0.1, "url": "https://www.openssl.org/policies/secpolicy.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305" }, { "trust": 0.1, "url": "https://sweet32.info)" }, { "trust": 0.1, "url": "https://www.openssl.org/policies/releasestrat.html)," }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307" } ], "sources": [ { "db": "VULHUB", "id": "VHN-91002" }, { "db": "PACKETSTORM", "id": "148410" }, { "db": "PACKETSTORM", "id": "159431" }, { "db": "PACKETSTORM", "id": "156451" }, { "db": "PACKETSTORM", "id": "140708" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "142340" }, { "db": "PACKETSTORM", "id": "161320" }, { "db": "PACKETSTORM", "id": "169633" }, { "db": "NVD", "id": "CVE-2016-2183" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-91002" }, { "db": "PACKETSTORM", "id": "148410" }, { "db": "PACKETSTORM", "id": "159431" }, { "db": "PACKETSTORM", "id": "156451" }, { "db": "PACKETSTORM", "id": "140708" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "142340" }, { "db": "PACKETSTORM", "id": "161320" }, { "db": "PACKETSTORM", "id": "169633" }, { "db": "NVD", "id": "CVE-2016-2183" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-09-01T00:00:00", "db": "VULHUB", "id": "VHN-91002" }, { "date": "2018-07-03T14:44:44", "db": "PACKETSTORM", "id": "148410" }, { "date": "2020-10-01T14:47:21", "db": "PACKETSTORM", "id": "159431" }, { "date": "2020-02-20T21:09:43", "db": "PACKETSTORM", "id": "156451" }, { "date": "2017-01-24T19:13:55", "db": "PACKETSTORM", "id": "140708" }, { "date": "2016-09-22T22:25:00", "db": "PACKETSTORM", "id": "138820" }, { "date": "2017-04-27T23:47:18", "db": "PACKETSTORM", "id": "142340" }, { "date": "2021-02-08T16:28:20", "db": "PACKETSTORM", "id": "161320" }, { "date": "2016-09-22T12:12:12", "db": "PACKETSTORM", "id": "169633" }, { "date": "2016-09-01T00:59:00.137000", "db": "NVD", "id": "CVE-2016-2183" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-12T00:00:00", "db": "VULHUB", "id": "VHN-91002" }, { "date": "2023-02-12T23:17:38.140000", "db": "NVD", "id": "CVE-2016-2183" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "140708" }, { "db": "PACKETSTORM", "id": "138820" }, { "db": "PACKETSTORM", "id": "142340" } ], "trust": 0.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat Security Advisory 2018-2123-01", "sources": [ { "db": "PACKETSTORM", "id": "148410" } ], "trust": 0.1 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "arbitrary", "sources": [ { "db": "PACKETSTORM", "id": "142340" } ], "trust": 0.1 } }